Home » SQL & PL/SQL » SQL & PL/SQL » Oracle 12c injection (Oracle 12c )
Oracle 12c injection [message #667263] Mon, 18 December 2017 18:26 Go to next message
SoratoMan
Messages: 1
Registered: December 2017
Junior Member
Hi. Sorry for my poor English.

Example in article demonstrates executing vulnerable procedure created by sys. Using the procedure in way, suggested in article we can get dba role for our user, who posesses only create sesion priviliges.
So if vulnerable procedure vulnProc was created by user1, how user2, who have only create session , execute on vulnProc and select on table1(which created by user1) priviligies, can insert into table1 or delete any row from it?
Re: Oracle 12c injection [message #667266 is a reply to message #667263] Tue, 19 December 2017 00:43 Go to previous message
Littlefoot
Messages: 21368
Registered: June 2005
Location: Croatia, Europe
Senior Member
Account Moderator
Could you share that article? You're referring to something we can not see, so - how could anyone comment it?
Previous Topic: Error When Refreshing Materialized View
Next Topic: Help regarding regexp_substr
Goto Forum:
  


Current Time: Sun Feb 25 19:57:05 CST 2018

Total time taken to generate the page: 0.02750 seconds