2 matches found
Oracle Database DBMS_AQADM_SYS.GRANT_TYPE_ACCESS Procedure SQL Injection (CVE-2009-0977)
Oracle Database Server is an enterprise-level relational database application suite. To extend the functionality of the Oracle Database Server, extra packages of related program objects, e.g., procedures, functions, variables, constants, cursors, and exceptions, are provided in order to better...
CVE-2009-0977
The CVE-2009-0977 issue is an Oracle Database SQL injection vulnerability in the DBMS_AQADM_SYS.GRANT_TYPE_ACCESS procedure. Public docs state a SQL injection exists due to insufficient input validation, allowing a remote attacker with valid credentials to inject and execute SQL within the databa...