February 3, 2010, 9:47AM
Oracle Hacker Gets the Last Word
Comment 
Database security expert David Litchfield
has unveiled a critical,
unpatched vulnerability in Oracle's 11G database software that allows a hacker to take control of an
Oracle database and access or modify information at any security level.
Two sections of code within the company's database application -- one that allows data to be moved between servers and another that allows management of Oracle's implementation of java -- are left open to any user, rather than only to privileged administrators. Those vulnerable subroutines each have their own simple flaws that allow the user to gain complete access to the database's contents. Read the full story [Forbes]
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
- Anonymous Leaks FBI, Scotland Yard Phone Call Detailing Hacking Investigations
- Video: New Banking Trojan Caught Breaking CAPTCHA
- Privacy Fail: Is Uncle Sam Encouraging Bad Security?
- Apple Ships Huge Set of Patches for OS X
- Market Fail: Regulations May Be Only Hope For Securing Critical Infrastructure
Most Commented Stories
-
Mac OS X Sandbox Security Hole Uncovered (4)
-
Apple Ships Huge Set of Patches for OS X (4)
-
Privacy Fail: Is Uncle Sam Encouraging Bad Security? (4)
-
Anonymous Leaks FBI, Scotland Yard Phone Call Detailing Hacking Investigations (4)
-
Video: New Banking Trojan Caught Breaking CAPTCHA (4)
Newsletter Sign-up
Take Our Poll
Follow Threatpost
 |  |  |  |
| Tumblr |
