SQL Injection Vulnerability in Oracle 9i and 10g Triggers MDSYS.SDO_GEOM_TRIG_INS1 and MDSYS.SDO_LRS_TRIG_INS

SQL Injection Vulnerability in Oracle 9i and 10g Triggers MDSYS.SDO_GEOM_TRIG_INS1 and MDSYS.SDO_LRS_TRIG_INS

CVE-2004-1339 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.

Learn more about our Web Application Penetration Testing UK.