• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Oracle 9i/10g Database OBJECT_TYPE Remote SQL Injection Vulnerability

Oracle database is prone to an SQL injection vulnerability. This issue exists due to insufficient sanitization of user-supplied data.

The 'OBJECT_TYPE' parameter that is used by the 'DBMS_METADATA' package is vulnerable.

The package that is vulnerable, executes with the privileges of the calling user. However, the package employs another package, which executes the injected SQL with SYS user privileges.

This issue can be exploited using malformed PL/SQL statements to pass unauthorized SQL statements to the database. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

This issue was originally disclosed in the 'Oracle Critical Patch Update - April 2005' advisory. BID 13139 Oracle Multiple Vulnerabilities describes the issues covered in the Oracle advisory. There is insufficient information at this point in time to associate this vulnerability with an identifier from the Oracle advisory.