VULHUB ™

There's a critical flaw in the Oracle PLSQL Gateway, a component of iAS, OAS and the Oracle HTTP Server, that allows attackers to bypass the PLSQLExclusion list and gain access to "excluded" packages and procedures. This can be exploited by an attacker to gain full DBA control of the backend database server through the web server.

There's a critical flaw in the Oracle PLSQL Gateway, a component of iAS, OAS and the Oracle HTTP Server, that allows attackers to bypass the PLSQLExclusion list and gain access to "excluded" packages and procedures. This can be exploited by an attacker to gain full DBA control of the backend database server through the web server.