Printed from www.pcpro.co.uk
Oracle issues 'high' alert over E-Business Suite vulnerability
Posted on 11 Jun 2004 at 11:07
Oracle has alerted users of its Oracle E-Business Suite to vulnerabilities that allow an attacker to execute unauthorised procedures or SQL inside the database.
The flaws were discovered by Integrigy, an enterprise application security company. They are termed 'SQL injection' vulnerabilities and can be remotely exploited, via a browser, by sending specially crafted URLs to the web server hosting the Suite.
Oracle is strongly recommending that customers apply a patch made available as no work around exists for the flaw. It describes the risk as 'high' because any hacker with browser access can exploit the vulnerabilities.
Software affected comprises: Oracle E-Business Suite Release 11i and 11.5.1 through 11.5.8. Release 11.5.9 and later releases are not affected, however.
You can read more details on the Oracle Technology Network website, with patches available from the MetaLink website.
Author: Alun Williams
advertisement
- Microsoft shows courage at Tech-Ed 09
- PowerPoint and Silverlight: a perfect match?
- Why all the fuss over Windows Explorer?
- Your iPhone has a virus? Well it's your fault
- Motorola pays Lucas for its Droid
- Where are the killer apps for Windows?
- Will you hit the Orange iPhone "unlimited" cap?
- USB 3 first benchmark - it's here, and it's fast
- Why Windows 7 has forced me to worry about security
- How Dixons is (under)selling Windows 7
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
- Building a better Google
- Beware HP's horrendous printer-driver glitch
- Microsoft debuts free Morro antivirus package
- Getting started with Search Server 2008 Express
advertisement
