Security alert posted for PeopleSoft
A serious security flaw in business management software from PeopleSoft leaves sensitive corporate data vulnerable to attackers.
The flaw, known as a remote command execution vulnerability, gives outsiders the ability to install malicious computer code on PeopleSoft customers' Web servers, potentially leading to a "complete compromise" of their PeopleSoft business systems, according to Internet Security Systems (ISS), the Atlanta-based computer security company that issued the warning.
"Compromise of PeopleSoft Web server installations may disclose critical confidential information and facilitate the compromise of PeopleSoft application and database back-end servers," stated the ISS advisory.
[ Read more ]