Oracle takes years to fix holes
Oracle Corp. has failed to fix security flaws in its products, despite knowing about the vulnerabilities for as long as two years, a German security firm said.
Red-Database-Security GmbH reported the flaws in Oracle Reports and Oracle Forms in six advisories published July 19. The security firm specializing in Oracle products said it first notified the Redwood City, Calif., company about the flaws during a period ranging from 718 to 663 days ago.
By Antone Gonsalves at InformationWeek.
[ Read more ]