Oracle issues 'high' alert over E-Business Suite vulnerability
Posted on 11 Jun 2004 at 11:07
Oracle has alerted users of its Oracle E-Business Suite to vulnerabilities that allow an attacker to execute unauthorised procedures or SQL inside the database.
The flaws were discovered by Integrigy, an enterprise application security company. They are termed 'SQL injection' vulnerabilities and can be remotely exploited, via a browser, by sending specially crafted URLs to the web server hosting the Suite.
Oracle is strongly recommending that customers apply a patch made available as no work around exists for the flaw. It describes the risk as 'high' because any hacker with browser access can exploit the vulnerabilities.
Software affected comprises: Oracle E-Business Suite Release 11i and 11.5.1 through 11.5.8. Release 11.5.9 and later releases are not affected, however.
You can read more details on the Oracle Technology Network website, with patches available from the MetaLink website.
Author: Alun Williams
advertisement
- What's that eggy smell in the server room?
- How to change the default template in Word 2007
- Book review: Rework by Jason Fried and David Heinemeier Hansson
- Panorama parents deserve their file-sharing fine
- Google and BT offer free website service to British businesses
- Lords' last chance to protect broadband customers
- Extreme handwriting recognition on the Dell Latitude XT2
- 12 surprising things that Wolfram Alpha knows
- Nokia N900: phone or pocket computer?
- The sinister side of Spotify
- The ease of hacking a WEP network
- Delving into the Norton 2010 line-up
- Banish your Wi-Fi woes
- How to commit Facebook suicide
- Which smartphone keyboard is the best?
- We can beat the botnets
- Paying for code doesn’t mean owning it
- Cracking the iSCSI conundrum
- The perfect open-source task scheduler
- Exploring Microsoft Office 2010 beta
advertisement
Printed from www.pcpro.co.uk