Oracle users may potentially be at risk from a half dozen vulnerabilities, even if they applied the company's latest patch released last week.
German security research Alexander Kornbrust of Red-Database-Security has issued six security advisories affecting Oracle Forms and Oracle Reports.
On the highly critical side, the vulnerabilities could allow a system to be compromised, provide for privilege escalation attacks or allow an attacker to overwrite arbitrary files. At the low end, the flaws could be used for cross site scripting attacks or information disclosure.
The article continues at http://internetnews.com/security/article.php/3521671