On April 19th, a piece of malicious code capable of exploiting a newly discovered security vulnerability in Oracle’s database application was widely disseminated on the web.
This malicious code emerged just one day after Oracle released its quarterly Critical Patch Update, aimed at enhancing security.
The code was distributed via the BugTraq email list and specifically targets the Oracle Database 10g application. With this code, attackers can gain elevated access to the database system.
The U.S. Computer Emergency Response Team (CERT) has urged Oracle to promptly address this security flaw.
HVD – (CNet)
