Last Updated: 2011-10-19 01:43:46 UTC
by Mark Hofman (Version: 1)
Those of you that are Oracle product users will be used to the quarterly Critical Patch Update. In case you missed it, it was released on the 17th. There is a patch out for most of the major products. Detailed information can be found here http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html
The appendix of the above note shows the affected CVEs and the associated CVS scores. The criteria for the scores are shown, so you should be able to determine the local impact for your organisation.
If you are running Oracle I suggest you start looking at these sooner rather than later, especially if you need to comply with PCI DSS and your onsite audit is getting near.