Un-patched Oracle Database Bugs - E-Business Suite Impact

There are three major un-patched Oracle Database security bugs and these bugs have varying impact on the Oracle E-Business Suite 11i. The DBMS_ASSERT bypass issues can be readily exploited in Oracle Applications using the APPLSYSPUB database account. The view security bypass vulnerability should be of critical concern for all implementations that allow direct SQL access through shared database accounts. Finally, the integer overflow in the Alter Session statement can be exploited, but requires knowledge regarding buffer overflows in order to successfully exploit.

Click here to get the file