Intrusion Prevention

Oracle.SYS.DBMSMETADATA.SQL.Injection

Description

This indicates a possible attack against an SQL-Injection vulnerability in Oracle database.
The vulnerability is due to the application's failure to properly validate user-supplied data. An attacker may exploit this to acquire or modify data, or to exploit other vulnerabilities in the database.

Affected Products

Oracle Oracle9i Standard Edition 9.2.6 and earlier

Impact

System compromise

Recommended Actions

Upgrade to a non-vulnerable version.