Live: 300+ Best Black Friday Deals Live: Black Friday TV Deals BF Deals Under $25 BF Deals Under $50 5 BF Splurges 8 BF Must-Haves 15 Weird Amazon BF Deals BF Cheat Sheet
Want CNET to notify you of price drops and the latest stories?
No, thank you
Accept

Database flaws more risky than thought

Newly released details of flaws found earlier in Oracle and IBM databases have some security firms worried.

Details of multiple security flaws in Oracle and IBM databases have been released by the security company that found them.

The flaws, which were described in general terms in August and September by Next-Generation Security Software, could allow an attacker to remotely compromise servers running the database programs. Security company Symantec raised its Internet threat rating of the flaws to 2 from 1, based on the details released on Thursday.

NGSSoftware gave users of the databases more than three months to fix their systems when it announced its discovery of the flaws. Oracle has already released patches for the 10 vulnerabilities affecting its 9i database, and IBM has issued fixes for two flaws in DB2 versions 7 and 8.1.

"Some of these are more serious than others," said David Litchfield, a security researcher and co-founder of U.K.-based NGSSoftware. "Most of these vulnerabilities can be exploited remotely."

The advisories can be found on .