Login | Register For Free | Help	Search this list this category for: (Advanced)

Mailing List Archive: Full Disclosure: Full-Disclosure Oracle - SQL Injection in package SDO_GEOM [DB06]   Index | Next | Previous | View Flat

ak at red-database-security Apr 16, 2008, 1:28 AM Views: 235 Permalink Oracle - SQL Injection in package SDO_GEOM [DB06] Oracle - SQL Injection in package SDO_GEOM [DB06] Systems Affected 9i Rel. 1 - 10g Rel. 2 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust Advisory 16 April 2008 (V 1.00) Advisory URL http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html Details The package SDO_GEOM is vulnerable against SQL injection. Patch Information Apply the patches for Oracle CPU April 2008. History 6-jun-2007 Oracle secalert was informed 15-apr-2008 Oracle published CPU April 2008 [DB06] 16-apr-2008 Advisory published © 2008 by Red-Database-Security GmbH http://www.red-database-security.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Subject User Time Oracle - SQL Injection in package SDO_GEOM [DB06] ak at red-database-security Apr 16, 2008, 1:28 AM

Index | Next | Previous | View Flat   Full Disclosure     Full-Disclosure

Interested in having your list archived? Contact lists@gossamer-threads.com
 

Web Applications & Managed Hosting Powered by Gossamer Threads Inc.