Sixteen of the patches are for various database versions. The most severe vulnerability, which affects versions 18.104.22.168 and 22.214.171.124DV, "can potentially allow an attacker to gain full control of a vulnerable server," according to a post on Oracle's global product security blog. Other patches are for various 10g and 11g versions.
The patch update also addresses eight issues with WebLogic and AquaLogic products, including JRockit, and WebLogic Server plugins for Apache and IIS Web servers, according to the blog.
The patch for JRockit includes fixes for 14 problems alone in the Java Runtime Environment from Sun Microsystems, all essentially for bugs known since December.
Other patches are for E-Business Suite Release 12, version 12.0.6, and Release 11i, version 126.96.36.199. The update also includes fixes for PeopleSoft PeopleTools 8.49; PeopleSoft HRMS 8.9 and 9.0; Oracle XML Publisher 5.6.2, 10.1.3.2 and 10.1.3.2.1; Oracle Outside In SDK HTML Export 8.2.2 and 8.3.0; and several versions of BI Publisher.
Full details are available on Oracle's website. Oracle releases its patch updates on a quarterly basis; the next is scheduled for July 14.