Oracle 10g DBMS_EXPORT_EXTENSION SQL Injection Vulnerability

April 28, 2006

[From SecurityFocus]

Oracle 10g is prone to an SQL-injection vulnerability. An attacker could exploit this to gain DBA privileges.

This vulnerability was initially thought to have been fixed as part of the Oracle April 2006 Security Update (BID 17590), but this issue reportedly wasn't patched.

The article continues at http://www.securityfocus.com/bid/17699/info