Call: +44 (0)7759 277220 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Jared Still has a new paper on protecting passwords"] [Next entry: "Esteban Martínez Fayó releases his security advisories for CPU 12 April"]

Making Oracle Forms more secure



I made a post yesterday "Frank has a fix for Forms 10.1.2 for the SQL Injection issue" about http://www.orablogs.com/fnimphius/archives/001042.html - (broken link) Franks post to fix Oracle Forms 10.1.2. I left open the window with Franks post in it and when I came to clean up this evening and close down some windows I noticed the link in Franks post to Duncan Mills post http://www.groundside.com/blog/content/DuncanMills/Oracle%20Forms/2004/07/05/59DB5707198479C14279633BF3F11A34.txt - (broken link) Making Forms Applications More Secure..." so I went to take a look at Duncan's post. This post was made on 5th July 2004 so quite some time ago. Basically Duncan had found the same issue that Alex talks about in his paper (I guess) but he did not give away the details. Quite an interesting post from Duncan!