Oracle 9i/10g - Evil Views Change Passwords

-- -- bunkerview.sql -- -- Oracle 9i/10g - evil view exploit CVE-2007-3855 -- Uses evil view to perform unauthorized password update -- -- by Andrea "bunker" Purificato - http://rawlab.mindcreations.com -- 37F1 A7A1 BB94 89DB A920 3105 9F74 7349 AF4C BFA2 -- -- This code should be used only for...

Oracle Database - SQL Compiler Views Unauthorized Manipulation

source: https://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor...