Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle database server 10.2.1 |
||
oracle database server 10.2.2 |
||
oracle database server 10.2.3 |