The FGA weakness in reportedly not fixed in a fully patched version 9.2.0.6.
Provided and/or discovered by: 4) Cesar Cerrudo
The vendor credits the following people:
* Pete Finnigan
* Alexander Kornbrust, Red Database Security
* Stephen Kost, Integrigy
* David Litchfield, NGSSoftware
Changelog: 2005-01-24: Added link to Integrigy advisory.
2005-02-14: Added CVE references.
2005-03-08: Updated advisory.
2005-05-06: Added additional information from Red Database Security.
2006-02-01: Added CVE references.
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.