3 matches found
OracleVM 2.2 : ovs-agent (OVMSA-2010-0015)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update changelog, fill CVE number. - Fix config-file access mode issue. - Fix file access vulnerability orabug 10142417 CVE-2010-3582 - Fix local privilege escalation orabug 10142476 CVE-2010-3584 - F...
Oracle Virtual Server Agent Command Injection
Added: 11/26/2010 CVE: CVE-2010-3582 BID: 44031 Background Oracle VM software provides virtualization technology that allows running multiple instances of x86 virtual computers simultaneously within the host operating system. It supports many Oracle and non-Oracle based systems such as Windows,...
CVE-2010-3582
CVE-2010-3582 concerns Oracle VM 2.2.1, where an input validation flaw in the Oracle VM Server Agent’s XML-RPC processing (utl_test_url) enables a remote authenticated attacker to inject commands with root privileges, compromising confidentiality, integrity, and availability. The issue is specifi...