Oracle Bug Exploit Loose
April 20, 2006[From TechWeb]
An exploit that leverages one of the three-dozen vulnerabilities patched Tuesday by Oracle has been spotted in the wild, a security company said Thursday, making patching even more essential.
According to an alert sent by Symantec to customers of its DeepSight system, an exploit for one of the Oracle flaws was published on the Bugtraq security mailing list. The exploit, which targets one of the Oracle Database 10g bugs, escalates privileges of existing users to give them total access to the database.
The article continues at http://www.techweb.com/wire/security/186500193