APEX Password Hash Disclosure

Name Unprivileged DB users can see APEX password hashes Systems Affected APEX 3.0 optional component of 11.1.0.7 installation Severity High Risk Category Password Disclosure Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com CVE CVE-2009-0981 Advisory 14...

[Full-disclosure] Oracle Workflow CSS Vulnerability wf_monitor

Dear FD-Reader, The Oracle Critical Patch Update October 2005 provides fixes for 2 Cross-Site- Scripting vulnerabilities in Oracle Workflow found by Red-Database-Security GmbH. I know that the severity and impact of CSS bugs is low. My critical security bugs in Oracle e.g. become DBA via the impo...