Oracle "PROCESS_DUP_HANDLE" Privilege Escalation Vulnerability

March 12, 2007

[From Secunia]

Cesar Cerrudo has reported a vulnerability in Oracle Database 10, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to the incorrect use of the "SetSecurityDescriptorDacl()" function when performing various tasks...

The article continues at http://secunia.com/advisories/24475/