Oracle.XDB.PITRIG.PKG.Insecure.Procedures

description-logoDescription

This indicates an attempt to exploit a buffer overflow or SQL injection vulnerability in Oracle Database.
The vulnerability is caused by an input validation error in the procedures "xDb.XDB_PITRIG_PKG.PITRIG_TRUNCATE" and "xDb.XDB_PITRIG_PKG.PITRIG_DROP". It allows remote attackers to execute arbitrary code or inject SQL statements via the first parameter of these two procedures.

affected-products-logoAffected Products

Oracle Database 9.2.0.8
Oracle Database 9.2.0.8DV
Oracle Database 10.1.0.5
Oracle Database 10.2.0.3

Impact logoImpact

System Compromise: remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for suggested workaround.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)