Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Tips Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
SQL Scripts & Samples
» Database Forum
» Slideshows
» Sitemap
Free Newsletters:

News Via RSS Feed

Database Journal |DBA Support |SQLCourse |SQLCourse2

Featured Database Articles

Database News

Posted Jul 25, 2003

Oracle Plugs Three Security Holes

By DatabaseJournal.com Staff

[From internetnews.com]

Oracle (Quote, Company Info) has issued patches to plug three security holes in its software suite, including two potentially serious flaws affecting its E-Business and Applications products.

The most serious issue was detected in the Oracle Applications Web Report Review (FNDWRR) program, which is implemented as a CGI. In an advisory, Oracle said a buffer overflow exists in the FNDWRR program that could allow an attacker to gain control of the process and execute arbitrary code on the server.

"This buffer overflow can be remotely exploited using a web browser and an overly long URL," the company said, urging users to apply the required patches immediately. Affected software include the Oracle E-Business Suite 11i and Oracle Applications 10.x through 11i.

In a separate warning, Oracle said research firm NGS Software found a buffer overflow vulnerability in the Oracle 8i and 9i database server products.

The article continues at http://www.internetnews.com/dev-news/article.php/2240411

Database News Archives

Comment and Contribute


(Maximum characters: 1200). You have characters left.



Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM