Oracle Patches Database Security Flaw Disclosed at Black Hat

The company encourages end users to apply the security update as soon as possible.

eWeek: Oracle has issued an update for its flagship database that patches a security vulnerability demonstrated at July's Black Hat conference. Security expert David Litchfield discovered the bug, which allows authenticated remote users to execute SQL commands and could allow a full takeover of the database. The company advised, "Due to the threat posed by a successful attack and the public disclosure of the technical details of this vulnerability, Oracle strongly recommends that customers apply this Security Alert solution as soon as possible."

The vulnerability exists in Oracle database server versions 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2 and 11.2.0.3; it also impacts Oracle Fusion Middleware, Oracle Enterprise Manager and Oracle E-Business Suite.




Tags: database, Oracle, security, bug, update, vulnerability, Black Hat Conference


0 Comments (click to add your comment)
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.