Info

Disclosure

Oct 18, 2005

Discovery

Unknown

Dates

Exploit

Nov 30, 2005

Solution

Oct 18, 2005

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Commercial
Disclosure: Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability.

Products

Unknown or Incomplete

References

Security Tracker: 1015074
Secunia Advisory ID: 17250 17313
CVE ID: 2005-3460 (see also: NVD) 2005-4654 (see also: NVD)
VUPEN Advisory: ADV-2005-2196
Generic Informational URL: http://news.zdnet.com/2100-1009_22-5900784.html
http://www.zdnet.com.au/news/security/soa/Flaw_hunters_pick_holes_in_Oracle_patches/0,2000061744,39219523,00.htm
Vendor Specific Advisory URL: http://www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01235
Generic Exploit URL: http://www.saintcorporation.com
http://www.saintcorporation.com/cgi-bin/exploit_info/oracle_emagent
Keyword: Oracle Critical Patch Update - October 2005,EM01

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/20664