Oracle has released its Critical Patch Update for July 2012 to address 87 vulnerabilities across multiple products. This update contains the following security fixes:
- 4 for Oracle Database Server
- 1 for Oracle Application Express Listener
- 2 for Oracle Secure Backup
- 22 for Oracle Fusion Middleware
- 1 for Oracle Hyperion
- 1 for Oracle Enterprise Manager Grid Control
- 4 for Oracle E-Business Suite
- 5 for Oracle Supply Chain Products
- 9 for Oracle PeopleSoft Products
- 7 for Oracle Siebel CRM
- 1 for Oracle Industry Applications
- 24 for Oracle Sun Products
- 6 for Oracle MySQL
US-CERT encourages users and administrators to review the July 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks.
Update: Additional information regarding Outside In vulnerabilities can be found in US-CERT Vulnerability Note VU#118913.