Oracle.XDB.PITRIG.PKG.Insecure.Procedures
Description
This indicates an attempt to exploit a buffer overflow or SQL injection vulnerability in Oracle Database.
The vulnerability is caused by an input validation error in the procedures "xDb.XDB_PITRIG_PKG.PITRIG_TRUNCATE" and "xDb.XDB_PITRIG_PKG.PITRIG_DROP". It allows remote attackers to execute arbitrary code or inject SQL statements via the first parameter of these two procedures.
Affected Products
Oracle Database 9.2.0.8
Oracle Database 9.2.0.8DV
Oracle Database 10.1.0.5
Oracle Database 10.2.0.3
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |