Oracle is set to release 45 critical security fixes next Tuesday.
Among the affected products are Oracle's database; its TimesTen in-memory database; Oracle Application Server; a number of PeopleSoft Enterprise products; Oracle Enterprise Manager Database Control; E-Business Suite; and WebLogic Server, which it acquired by purchasing BEA Systems. There are no new patches for Oracle's JD Edwards products.
The patch set includes 11 database fixes that affect a number of versions within the 11g, 10g and 9i releases. None of the security weaknesses the patches target can be exploited over a network without a user name and password, Oracle said.
Meanwhile, three of the seven patches for WebLogic Server and all nine for Oracle Application Server regard vulnerabilities that can be exploited with no authentication needed, according to Oracle.
More information is available on Oracle's website.