By Graeme Wearden, 3 August 2004 17:30
NEWS A UK company has reportedly discovered over 30 vulnerabilities in current and previous versions of Oracle's database applications.
The flaws will allow hackers to change or steal sensitive data, according to an article in the Wall Street Journal on Tuesday.
They were found by Next Generation Security Software, based in Surrey. David Litchfield, managing director of Next Generation Security Software, is said to have discussed the vulnerabilities at last week's Black Hat IT security conference.
Some of the flaws are said to include "remote, unauthenticated overflows that can be used to gain control of the system". Others relate to the PL-SQL language, which is used by other applications to send commands to the database.
Neither Oracle nor Next Generation Security Software immediately responded to requests for comment.
Graeme Wearden writes for ZDNet UK
In order to post a comment you need to be registered and logged in.
Log in or create your silicon.com account below