Oracle · Oracle Database · CVE-2009-0977
**Name of the Vulnerable Software and Affected Versions**
Oracle Database versions 9.2.0.8 through 9.2.0.8DV
Oracle Database version 10.1.0.5
Oracle Database version 10.2.0.3
**Description**
The issue affects the Advanced Queuing component and is related to `DBMS_AQIN`. It may allow remote authenticated users to impact confidentiality and integrity. There are claims that this issue could be related to SQL injection in the `GRANT_TYPE_ACCESS` procedure within the `DBMS_AQADM_SYS` package.
**Recommendations**
For Oracle Database version 9.2.0.8, consider restricting access to the Advanced Queuing component until a fix is available.
For Oracle Database version 9.2.0.8DV, consider restricting access to the Advanced Queuing component until a fix is available.
For Oracle Database version 10.1.0.5, consider restricting access to the Advanced Queuing component until a fix is available.
For Oracle Database version 10.2.0.3, consider restricting access to the Advanced Queuing component until a fix is available.
As a temporary workaround, consider disabling the `GRANT_TYPE_ACCESS` procedure in the `DBMS_AQADM_SYS` package to minimize the risk of exploitation.
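
Before restricting access as recommended above, it helps to know which accounts can currently execute the two packages named in the description. The following audit queries are an added example, not part of the original advisory or Oracle's guidance; they assume a session that can read the `DBA_*` dictionary views, and the grantee in the commented `REVOKE` template is a placeholder.

```sql
-- Added example (not from the advisory). Run as a user with SELECT on DBA_* views.

-- 1. Direct EXECUTE grants on the packages named in the description.
--    A grantee of PUBLIC means every authenticated account can call the package.
SELECT grantee, owner, table_name, privilege, grantable
FROM   dba_tab_privs
WHERE  owner      = 'SYS'
AND    table_name IN ('DBMS_AQIN', 'DBMS_AQADM_SYS')
AND    privilege  = 'EXECUTE'
ORDER  BY table_name, grantee;

-- 2. Accounts that inherit EXECUTE indirectly: start from every role that
--    holds a direct grant and walk down through nested role grants.
SELECT u.username, u.account_status
FROM   dba_users u
WHERE  u.username IN (
         SELECT grantee
         FROM   dba_role_privs
         START WITH granted_role IN (
                  SELECT grantee
                  FROM   dba_tab_privs
                  WHERE  owner      = 'SYS'
                  AND    table_name IN ('DBMS_AQIN', 'DBMS_AQADM_SYS')
                  AND    privilege  = 'EXECUTE')
         CONNECT BY PRIOR grantee = granted_role)
ORDER  BY u.username;

-- 3. Definer-rights code owned by other schemas that references the packages.
--    Revoking a grant can invalidate these objects, so review them first.
SELECT owner, name, type, referenced_name
FROM   dba_dependencies
WHERE  referenced_owner = 'SYS'
AND    referenced_name  IN ('DBMS_AQIN', 'DBMS_AQADM_SYS')
AND    owner <> 'SYS'
ORDER  BY owner, name;

-- 4. Template only: remove a grant that is not needed.
--    <GRANTEE> is a placeholder; test on a non-production copy first,
--    because applications that use Advanced Queuing may depend on the grant.
-- REVOKE EXECUTE ON sys.dbms_aqadm_sys FROM <GRANTEE>;
```

Record the output of queries 1 to 3 before changing any grant so the original privileges can be restored once a fix is applied.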