CVE-2011-3511

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 10.2.0.3 through 10.2.0.5 Oracle Database Server version 11.1.0.7 Oracle Database Server version 11.2.0.2

Description The issue allows remote authenticated users to affect integrity and availability. It also enables remote attackers to bypass security restrictions, execute arbitrary SQL commands, and gain access to sensitive data.

Recommendations For Oracle Database Server versions 10.2.0.3 through 10.2.0.5, update to a version that addresses the security restrictions bypass and arbitrary SQL command execution issues. For Oracle Database Server version 11.1.0.7, update to a version that addresses the security restrictions bypass and arbitrary SQL command execution issues. For Oracle Database Server version 11.2.0.2, update to a version that addresses the security restrictions bypass and arbitrary SQL command execution issues. As a temporary workaround, consider restricting access to privileged accounts and sensitive data to minimize the risk of exploitation.