dcsimg

Oracle 10g DBMS_Scheduler Privilege Escalation Vulnerability

May 5, 2005

[From SecutityFocus]

Oracle database is prone to a privilege escalation vulnerability. A user with 'create job' privileges can switch the 'session_user' to 'SYS'. This will facilitate privilege escalation.

The article continues at http://www.securityfocus.com/bid/13509