Securing PL/SQL Applications with DBMS_ASSERT
Over the past few years Oracle has fixed a large number of PL/SQL injection vulnerabilities in their database server product. To help combat this class of attack Oracle has introduced the DBMS_ASSERT PL/SQL package. As a security researcher, it is excellent to see Oracle finally making the right positive moves in the direction of greater security.
This paper will emphasise the number of PL/SQL vulnerabilities and how DBMS_ASSERT has helped to lower these vulnerabilities.