A vulnerability in the Portable Clusterware component of Oracle Database Server could allow a local attacker to compromise a targeted system completely.
The vulnerability is due to improper input validation that is performed by the affected software. An attacker with Grid Infrastructure User privileged access to the infrastructure where Portable Clusterware executes could exploit the vulnerability by submitting malicious input to the affected software. A successful exploit could allow the attacker to compromise the system completely.
Oracle confirmed the vulnerability and released software updates.
Security Impact Rating: High