[From CNET News.com
A new attack technique increases the risk of commonly found bugs in Oracle's database software, a security researcher has warned.
It was previously thought that an attacker needed high-level privileges on the database to exploit so-called PL SQL injection vulnerabilities. With a new attack technique, that's no longer true, David Litchfield, a database security expert with NGS Software, said on Thursday at the Black Hat DC event here.
The article continues at