[<prev] [next>] [day] [month] [year] [list]
Message-ID: <6009188.259371279145098315.JavaMail.juha-matti.laurio@netti.fi>
Date: Thu, 15 Jul 2010 01:04:58 +0300 (EEST)
From: Juha-Matti Laurio <juha-matti.laurio@...ti.fi>
To: ZDI Disclosures <zdi-disclosures@...pingpoint.com>,
full-disclosure@...ts.grok.org.uk
Subject: Re: ZDI-10-121: Command Injection Remote Code
Execution Vulnerability
Is the affected product Secure Backup accidentally missing from the subject line and the advisory title,
i.e. the correct title is Oracle Secure Backup Administration selector Command Injection Remote Code Execution Vulnerability?
Juha-Matti
ZDI Disclosures [zdi-disclosures@...pingpoint.com] kirjoitti:
> ZDI-10-121: Command Injection Remote Code Execution Vulnerability
> http://www.zerodayinitiative.com/advisories/ZDI-10-121
> July 13, 2010
>
> -- CVSS:
> 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
>
> -- Affected Vendors:
> Oracle
>
> -- Affected Products:
> Oracle Secure Backup
--clip--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists