what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Oracle Database CREATE_CHANGE_SET SQL Injection
Posted Oct 15, 2010
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database provides the DBMS_CDC_PUBLISH PL/SQL package owned by SYS that is part of the Change Data Capture component. This package has a SQL Injection vulnerability in CREATE_CHANGE_SET procedure. A malicious user can call the vulnerable procedure of this package with specially crafted parameters and execute SQL statements with the elevated privileges of the SYS user.

tags | advisory, sql injection
advisories | CVE-2010-2415
MD5 | e0f92e4c71dae8b0120c2023b6b4d595
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
What Would Happen If The Whole Internet Just Shutdown All Of A Sudden?
Posted Aug 19, 2019

tags | headline, data loss, terror
Texas Government Orgs Hit By Ransomware Attack
Posted Aug 19, 2019

tags | headline, hacker, government, malware, usa, fraud, cryptography
IRS Beings Tax Clampdown On Unreported Cryptocurrency Profits
Posted Aug 19, 2019

tags | headline, government, privacy, usa, fraud, cryptography
Clickjacking Counter Measures Appear In Chrome
Posted Aug 19, 2019

tags | headline, fraud, google, chrome
New Attack Exploiting Bluetooth Weakness Intercepts Data
Posted Aug 17, 2019

tags | headline, privacy, wireless, data loss, flaw
Google Wants To Reduce HTTPS Cert Lifetimes To 1 Year
Posted Aug 17, 2019

tags | headline, privacy, google, cryptography
European Central Bank Confirms BIRD Site Hacked
Posted Aug 17, 2019

tags | headline, hacker, government, privacy, bank, data loss
NSA Asks Congress To Permanently Reauthorize Spying Program
Posted Aug 17, 2019

tags | headline, government, privacy, usa, phone, spyware, nsa
We Asked Def Con Attendees Why People Are Still Getting Hacked
Posted Aug 16, 2019

tags | headline, hacker, conference
Judge Orders Georgia To Switch To Paper Ballots For 2020 Elections
Posted Aug 16, 2019

tags | headline, government, usa, fraud
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close