• info
• discussion
• exploit
• solution
• references

Oracle Database Server DACL Multiple Insecure Permissions Vulnerabilities

An attacker can use readily available process-monitoring tools to exploit these issues.

The following proof-of-concept exploit demonstrating arbitrary code execution with elevated privileges is available:

• /data/vulnerabilities/exploits/22905.c