Friday, September 17, 2021

Oracle Patches Database Security Flaw Disclosed at Black Hat

eWeek: Oracle has issued an update for its flagship database that patches a security vulnerability demonstrated at July’s Black Hat conference. Security expert David Litchfield discovered the bug, which allows authenticated remote users to execute SQL commands and could allow a full takeover of the database. The company advised, “Due to the threat posed by a successful attack and the public disclosure of the technical details of this vulnerability, Oracle strongly recommends that customers apply this Security Alert solution as soon as possible.”

The vulnerability exists in Oracle database server versions 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2 and 11.2.0.3; it also impacts Oracle Fusion Middleware, Oracle Enterprise Manager and Oracle E-Business Suite.

Similar articles

Latest Articles