A vulnerability in Oracle Database for Microsoft Windows could allow a remote attacker to log on to the system with elevated privileges.
A vulnerability exists in Oracle Database's Core Relational Database Management System (RDBMS) that may allow a remote attacker to log on to the system with elevated privileges. According to NGSSoftware-OracleCPUAPR2007:
Due to the way that Windows XP with Simple File Sharing enabled logs on users it is possible for an attacker to gain DBA access to the Oracle server.
A remote attacker could log on to a vulnerable system and gain elevated privileges.
Apply a patch
This issue is addressed in Oracle Critical Patch Update - April 2007
|Date First Published:||2007-04-18|
|Date Last Updated:||2007-04-24 18:06 UTC|