|
|
|||
| Rule General Information |
|---|
| Release Date: | 2014-12-31 | |
| Rule Name: | Oracle Database Server CREATE_TABLES SQL Injection (CVE-2009-1991) | |
| Severity: | Low | |
| CVE ID: | CVE-2009-1991 | |
| Rule Protection Details |
|---|
| Description: | An SQL injection vulnerability exists in Oracle Database server. The vulnerability is due to an input validation error in function CREATE_TABLES of the package CTXSYS.DRVXTABC. | |
| Impact: | SQL injection | |
| Affected OS: | Windows | |
| Reference: | CVE-2009-1991 |
|
| Solutions |
|---|
| Update vendor's patch. |