Application: Oracle BI
Versions Affected: Oracle BI (Oracle Warehouse Builder) 10.2.0.5, 220.127.116.11
Vendor URL: http://oracle.com
Bugs: PL/SQL Injection, privilege escalation
Vendor response: 22.04.2009
Last response: 12.04.2011
Date of Public Advisory: 24.05.2011
Author: Alexandr Polyakov
PL/SQL Injection vulnerability found in procedure OWBREPOS_OWNER.WB_OLAP_AW_SET_SOLVE_ID. Exploiting vulnerability in this procedure can give any user OWBREPOS_OWNER rights and then access to OS.
Legal database user can escalate privileges and gain unauthorized access to business-critical data stored in database and also gain a full access to operation system.