Oracle issues 'high' alert over E-Business Suite vulnerability
Posted on 11 Jun 2004 at 11:07
Oracle has alerted users of its Oracle E-Business Suite to vulnerabilities that allow an attacker to execute unauthorised procedures or SQL inside the database.
The flaws were discovered by Integrigy, an enterprise application security company. They are termed 'SQL injection' vulnerabilities and can be remotely exploited, via a browser, by sending specially crafted URLs to the web server hosting the Suite.
Oracle is strongly recommending that customers apply a patch made available as no work around exists for the flaw. It describes the risk as 'high' because any hacker with browser access can exploit the vulnerabilities.
Software affected comprises: Oracle E-Business Suite Release 11i and 11.5.1 through 11.5.8. Release 11.5.9 and later releases are not affected, however.
You can read more details on the Oracle Technology Network website, with patches available from the MetaLink website.
Author: Alun Williams
advertisement
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
Printed from www.pcpro.co.uk

