Oracle RDBMS - Critical security patches released in October
During October, Oracle released several critical security patches that companies should quickly test and apply to safeguard information in these data base repositories.
2005-10-19 : Oracle Products Buffer Overflow and SQL Injection Vulnerabilities
Multiple vulnerabilities were identified in various Oracle products, which may be exploited by remote or local attackers to cause a denial of service, execute arbitrary commands, conduct SQL injection attacks and cross site scripting attacks, or bypass certain security restrictions. These flaws are due to unspecified errors in Oracle Database Server, Application Server, Collaboration Suite, E-Business Suite, Applications, Enterprise Manager, PeopleSoft Enterprise, and JD Edwards EnterpriseOne. No further details have been disclosed.