3 matches found
TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager SCPLBLCOLLECTED parameters February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Yes...
CVE-2013-0353
Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vecto...
CVE-2013-0353
CVE-2013-0353 affects Oracle Enterprise Manager Grid Control EM Base Platform and related EM components. The TeamSHATTER advisory documents a SQL Injection vulnerability in the EM web application (notably /em/console/ecm/config/savedConfig) that can be exploited remotely to execute statements wit...