Alias(es)Oracle.SYS.DBMS_METADATA.Injection |
Release DateApr 25, 2006 |
Severityhigh |
ImpactSystem compromise |
DescriptionThis indicates a possible attack against an SQL-Injection vulnerability in Oracle database.The vulnerability is due to the application's failure to properly validate user-supplied data. An attacker may exploit this to acquire or modify data, or to exploit other vulnerabilities in the database. |
Affected ProductsOracle Oracle9i Standard Edition 9.2.6 and earlier |
Recommended ActionsUpgrade to a non-vulnerable version. |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/13238 (BugTraq) |
