Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...

Oracle 10g - SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL / SQL Injection

/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION Max. Length 97. Very, very cool / select from userroleprivs ; DECLARE SEQUENCEOWNER VARCHAR2200; SEQUENCENAME VARCHAR2200; vuserid number; vcommands VARCHAR232767; NEWVALUE NUMBER; BEGIN SELEC...

Oracle 10g - SYS.KUPW$WORKER.MAIN PL SQL Injection

Oracle 10g - SYS.KUPW$WORKER.MAIN PL SQL Injection / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...

Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit

Exploit for multiple platform in category local exploits ======================================================== Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit ======================================================== / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret...

Oracle 10g - Alter Session Integer Overflow

Oracle 10g - Alter Session Integer Overflow source: https://www.securityfocus.com/bid/19201/info Oracle 10g is reportedly prone to a integer-overflow vulnerability because the application fails to allocate a large enough data type to accommodate user-supplied input before using it in a query. Thi...