Oracle taken to task for time to fix vulnerabilities
The flaws vary in severity with three of the six classified by the firm as high risk, potentially allowing a remote attacker to compromise a server or overwrite files, according to advisories released by Red Database.
Oracle's behavior (in) not fixing critical security bugs for a long time--over 650 days--is not acceptable for their customers.
By Robert Lemos at SecurityFocus.
[ Read more ]