Oracle Database contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to Workspace Manager not properly sanitizing user-supplied input to the LT.ROLLBACKWORKSPACE procedure. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability.

• CVE ID: 2009-0978 (see also: NVD)
• Secunia Advisory ID: 34693
• Related OSVDB ID: 53725 53726 53727 53728 53729 53730 53731 53732 53733 53735 53736 53737 53738 53739 53740 53741 53753 53756 53761
• Metasploit ID: 53734
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0072.html
• News Article: http://gcn.com/articles/2009/04/16/oracle-vulnerabilities.aspx
• Generic Exploit URL: http://trac.metasploit.com/changeset/6537
• Other Advisory URL: http://www.appsecinc.com/resources/alerts/oracle/2009-03.shtml
• Vendor Specific Advisory URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html

• Esteban Martinez Fayo - infoappsecinc.com - Application Security, Inc.