Just came across a paper called "Cursor Injection - A New Method for Exploiting PL/SQL Injection and Potential Defences" of David Litchfield.
It shows once more that writing proper code is important, as is getting your database to the right patch level.
--
Off topic: Carl Backstrom blogged about a music clip called "Code Monkey" here. You should see it, it's fantastic!
--
No comments:
Post a Comment