[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ZDI-10-121: Command Injection Remote Code Execution Vulnerability

To: ZDI Disclosures <zdi-disclosures@xxxxxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] ZDI-10-121: Command Injection Remote Code Execution Vulnerability
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Thu, 15 Jul 2010 01:04:58 +0300 (EEST)

Is the affected product Secure Backup accidentally missing from the subject 
line and the advisory title,
i.e. the correct title is Oracle Secure Backup Administration selector Command 
Injection Remote Code Execution Vulnerability?

Juha-Matti

ZDI Disclosures [zdi-disclosures@xxxxxxxxxxxxxxxx] kirjoitti: 
> ZDI-10-121: Command Injection Remote Code Execution Vulnerability
> http://www.zerodayinitiative.com/advisories/ZDI-10-121
> July 13, 2010
> 
> -- CVSS:
> 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
> 
> -- Affected Vendors:
> Oracle
> 
> -- Affected Products:
> Oracle Secure Backup
--clip--

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Drupal OG Menu Module XSS Vulnerability
Next by Date: [Full-disclosure] Mailman Mis/Default configuration
Previous by thread: [Full-disclosure] Drupal OG Menu Module XSS Vulnerability
Next by thread: [Full-disclosure] Mailman Mis/Default configuration
Index(es):
- Date
- Thread