NVD

Id
14972  
Name
CVE-2010-3594  
Description
Unspecified vulnerability in the Real User Experience Insight component in Oracle Enterprise Manager Grid Control 6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Processing. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this is SQL injection in rsynclogdird involving improper escaping of UTF-8 characters while processing log files.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-18  
Published
2011-01-19  
Modified Date
2011-07-19  
Seq
2010-3594  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
83256 14972 CVE-2010-3594 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html  View
83257 14972 CVE-2010-3594 45874  View
83258 14972 CVE-2010-3594 1024979  View
83259 14972 CVE-2010-3594 ADV-2011-0140  View
83260 14972 CVE-2010-3594 http://www.zerodayinitiative.com/advisories/ZDI-11-016/  View
83261 14972 CVE-2010-3594 oracle-real-user-sql-injection(64779)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30822 JVNDB-2011-001061 Oracle Enterprise Manager Grid Control の Real User Experience Insight コンポーネントにおける脆弱性 Oracle Enterprise Manager Grid Control の Real User Experience Insight コンポーネントには、Processing に関する処理に不備があるため、機密性および完全性に影響のある脆弱性が存在します。 CVE-2010-3594 46174 CVE-2010-3594 14972 6.4 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001061.html 2011-01-18 2011-02-14 View