Re: SQL may execute in wrong schema -- Quite Dangerous

  • From: rjamya <rjamya@xxxxxxxxx>
  • To: "Hemant K Chitale" <hkchital@xxxxxxxxxxxxxx>
  • Date: Wed, 20 Sep 2006 08:07:00 -0400

I read that and very specifically I stopped myself from quoting a lot
of metalink text in the e-mail. I believe in the past (many moons ago,
perhaps Jared will remember) there were objections to fully quoting
(or copying full) articles from Metalink into the emails.

Hence I simply provided a bug# so interested parties can go search. I
am not saying you did something wrong, but I just wouldn't do that in
this lawyer happy world.

Or maybe you will luck out since uncle Larry is busy getting ready for
the premier of a movie (Flyboys) he helped finance and his son is one
of the actors. So he is in a good mood.


On 9/20/06, Hemant K Chitale <hkchital@xxxxxxxxxxxxxx> wrote:

Quite Dangerous ?! b Worthy of a Critical CPU (can be seen as a Vulnerability)

The latest Rediscovery for 5458753 is
"*** 09/19/06 09:54 pm *** Rediscovery Information:
1. if the application design is such that schemas have similar
looking  objects and cursors
access those objects without full qualification, then due  to this
bug there is a possibility
under high pressure on the library cache  that the cursor might
access the incorrect base
object ie another schemas  object which has the same name and
structure. if the structure
isn't similar  then we might get parse/semantic errors ORA-904 ,
ORA-02291 ( contraint  errors) .

Other related posts: