Oracle.Database.REPCAT_RPC.VALIDATE_REMOTE_RC.SQL.Injection

description-logoDescription

This indicates an attempt to exploit a SQL injection vulnerability in Oracle Database server.
The vulnerability is caused by an input validation error in function VALIDATE_REMOTE_RC of the package DBMS_REPCAT_RPC. It allows a remote attacker to inject and execute malicious SQL commands on the target server.

affected-products-logoAffected Products

Oracle Oracle9i Standard Edition 9.2 .8DV
Oracle Oracle9i Standard Edition 9.2 .8
Oracle Oracle9i Personal Edition 9.2 .8DV
Oracle Oracle9i Personal Edition 9.2 .8
Oracle Oracle9i Enterprise Edition 9.2 .8DV
Oracle Oracle9i Enterprise Edition 9.2 .8.0
Oracle Oracle10g Standard Edition 10.2 .3
Oracle Oracle10g Standard Edition 10.1 .0.5
Oracle Oracle10g Personal Edition 10.1 .5
Oracle Oracle10g Personal Edition 10.2.0.4
Oracle Oracle10g Enterprise Edition 10.2 .3
Oracle Oracle10g Enterprise Edition 10.1 .5

Impact logoImpact

System Compromise.

recomended-action-logoRecommended Actions

Apply Critical Patch Update Advisory - July 2009:

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)