CVE

Id
46178  
CVE No.
CVE-2010-3594  
Status
Candidate  
Description
Unspecified vulnerability in the Real User Experience Insight component in Oracle Enterprise Manager Grid Control 6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Processing. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this is SQL injection in rsynclogdird involving improper escaping of UTF-8 characters while processing log files.  
Phase
Assigned (20100920)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
502737 46178 CVE-2010-3594 MISC:http://www.zerodayinitiative.com/advisories/ZDI-11-016/  View
502738 46178 CVE-2010-3594 CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html  View
502739 46178 CVE-2010-3594 BID:45874  View
502740 46178 CVE-2010-3594 URL:http://www.securityfocus.com/bid/45874  View
502741 46178 CVE-2010-3594 SECTRACK:1024979  View
502742 46178 CVE-2010-3594 URL:http://www.securitytracker.com/id?1024979  View
502743 46178 CVE-2010-3594 SECUNIA:42973  View
502744 46178 CVE-2010-3594 URL:http://secunia.com/advisories/42973  View
502745 46178 CVE-2010-3594 VUPEN:ADV-2011-0140  View
502746 46178 CVE-2010-3594 URL:http://www.vupen.com/english/advisories/2011/0140  View
502747 46178 CVE-2010-3594 XF:oracle-real-user-sql-injection(64779)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
30813 JVNDB-2011-001052 Oracle Fusion Middleware の Oracle Document Capture コンポーネントにおける脆弱性 Oracle Fusion Middleware の Oracle Document Capture コンポーネントには、 Import Export Utility に関する処理に不備があるため、完全性に影響のある脆弱性が存在します。 CVE-2010-3598 46178 7.1 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001052.html  View