Oracle CPU patch April 2006 issues installation instructions

CPU April 2006 for 10.2.0.2 contains 1 fix related to sql injection of a sys package. Exploits for this issue have been released before the official patch release. The exploit works even when the patch has been applied. To mitigate the risk the following action has been taken:

  • revoke execute on sys.dbms_export_extension from public;


This topic: PSSGroup > PhysicsDatabasesSection > DbaArea > CpuApril06
Topic revision: r2 - 2006-05-02 - LucaCanali
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2020 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback