Team SHATTER Security Advisory - An attacker hosting a malicious web site can execute SQL statements in the backend database when an administrator with an open session in Oracle Enterprise Manager web application visits the malicious web site. Versions affected include Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3.
49571641e710a1ec758dcec0e1e03620a16c0aef2ccc5eac49327bf8c09b5f3c