Team SHATTER Security Advisory - Some parameters of /em/console/database/dist/advRepl/advReplicationAdmin in Oracle Enterprise Manager are vulnerable to SQL Injection attacks. Versions affected include Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3.
764c0111ae8ae757f9bc4ad86d2176345b8915225042a02c5117b991396719f1
Team SHATTER Security Advisory - An attacker hosting a malicious web site can execute SQL statements in the backend database when an administrator with an open session in Oracle Enterprise Manager web application visits the malicious web site. Versions affected include Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3.
49571641e710a1ec758dcec0e1e03620a16c0aef2ccc5eac49327bf8c09b5f3c