Oracle.Database.SYS.KUPW.WORKER.SQL.Injection

description-logoDescription

This indicates a possible exploit of a remote SQL injection vulnerability in the SYS.KUPW$Worker package in Oracle database server. Attackers may be able to execute arbitary SQL commands via the first or second parameter in MAIN procedure.

affected-products-logoAffected Products

Oracle 10.1.0.5

Impact logoImpact

SQL injection.

recomended-action-logoRecommended Actions

Apply the patches for Oracle CPU July 2006.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)