Oracle has released the first Critical Patch Update for 2009 to provide fixes for at least address 43 vulnerabilities across several database server products. The mega update was released on the same day Microsoft released its own security patches, plugs at least 16 holes in the company’s flagship Oracle Database server. Two of the database vulnerabilities (Cluster Services, TNS Listener) are remote exploitable without authentication. Read the full article on the latest Oracle update for 2009: http://www.oracle.com/news/.
Source: https://threatpost.com/oracle-plugs-critical-database-server-holes-041509/72503/