InternetNews - Oracle Plugs Three Security Holes

"That hole, discovered by researchers Integrigy, affects the Oracle E-Business Suite 11i and Oracle Applications 11.x through 11i. The company said the problem existed in the "aoljtest.jsp" script which is part of the OA Framework Test Suite. The script contains multiple vulnerabilities that could allow malicious people to see system information, including the guest users password and application server security key."

The link address is: http://www.internetnews.com/dev-news/article.php/10792_2240411