Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection Vulnerability

Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection Vulnerability

References:

Critical Patch Update - April 2005 (Oracle)
Oracle Homepage (Oracle)
Oracle Reports 10g Home Page (Oracle)
OraDBMS_CDC_SUBSCRIBEExploit.txt (Argeniss)
OraDBMS_CDC_SUBSCRIBEWorkaround.sql (Argeniss)
Multiple SQL Injection vulnerabilities in DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSC (Team SHATTER )
Re: Problems with the Oracle Critical Patch Update for April 2005 (Cesar )

Privacy Statement
Copyright 2010, SecurityFocus