Short Name |
DB:ORACLE:WAREHOUSE-BUILDER |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
Oracle Warehouse Builder Multiple SQL Injections |
Release Date |
2011/07/21 |
Update Number |
1959 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Oracle Warehouse Builder. It is due to insufficient validation of user-supplied input. An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
Oracle Database Server is prone to a remote vulnerability in Oracle Warehouse Builder. The vulnerability can be exploited over the 'Oracle Net' protocol. For an exploit to succeed, the attacker must have 'Oracle Warehouse Builder User Account' privileges. This vulnerability affects the following supported versions: 10.2.0.5 (OWB), 11.1.0.7, 11.2.0.1