Oracle fixes E-Business suite flaw
InternetNews | at | by Mike
Oracle's negligence in security expose database information to hackers.
A security vulnerability in Oracle's E-Business Suite could put users at risk of arbitrary script execution, according to a warning from the U.S. Computer Emergency Response Team (US-CERT).
In an advisory issued late Tuesday, US-CERT said an unauthenticated attacker could exploit the flaw to execute arbitrary SQL statements on the vulnerable system with the privileges of the Oracle server process. "In addition to compromising the integrity of the database information, this may lead to the compromise of the database application and the underlying operating system," the group cautioned.