---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Oracle Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA26114 VERIFY ADVISORY: http://secunia.com/advisories/26114/ CRITICAL: Highly critical IMPACT: Unknown, Security Bypass, Manipulation of data WHERE: >From remote SOFTWARE: Oracle Database 10.x http://secunia.com/product/3387/ PeopleSoft Enterprise Customer Relationship Management (CRM) 8.x http://secunia.com/product/5941/ Oracle9i Database Standard Edition http://secunia.com/product/358/ Oracle9i Database Enterprise Edition http://secunia.com/product/359/ Oracle Secure Enterprise Search 10.x http://secunia.com/product/13978/ Oracle PeopleSoft Enterprise Tools 8.x http://secunia.com/product/9411/ Oracle PeopleSoft Enterprise Human Capital Management 9.x http://secunia.com/product/14817/ Oracle PeopleSoft Enterprise Human Capital Management 8.x http://secunia.com/product/13980/ Oracle PeopleSoft Enterprise Customer Relationship Management (CRM) 9.x http://secunia.com/product/14815/ Oracle E-Business Suite 12.x http://secunia.com/product/13979/ Oracle E-Business Suite 11i http://secunia.com/product/442/ Oracle Collaboration Suite 10.x http://secunia.com/product/2450/ Oracle Application Server 10g http://secunia.com/product/3190/ Oracle Application Express 2.x http://secunia.com/product/12342/ Oracle Application Express 1.x http://secunia.com/product/12341/ DESCRIPTION: Multiple vulnerabilities have been reported for various Oracle products. Some of these have unknown impacts, while others can be exploited to bypass certain security restrictions and conduct SQL injection attacks. Details are available for the following vulnerabilities: 1) Oracle APEX does not correctly sanitise input passed via the password used in the wwv_flow_security.check_db_password function before using it in SQL queries. This can be exploited to modify SQL queries by injecting arbitrary SQL code. 2) Specially crafted views can be exploited to perform updates, deletes and inserts without having proper privileges. 3) Certain input processed by the DBMS_PRVTAQIS package is not correctly sanitised before being used in SQL queries. This can be exploited to modify SQL queries by injecting arbitrary SQL code. SOLUTION: Apply patches (See vendor's advisory). PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Esteban Martinez Fayo of Application Security, Inc. * Jack Kanter and Stephen Kost of Integrigy * Guy Karlebach of Imperva * Joxean Koret * Alexander Kornbrust of Red Database Security GmbH * Michael Krax * David Litchfield and Paul M. Wright of Next Generation Security Software Ltd. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2007.html Red Database Security: http://www.red-database-security.com/advisory/oracle_apex_sql_injection_check_db_password.html http://www.red-database-security.com/advisory/oracle_view_vulnerability.html http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------