Oracle Enterprise Manager

ソフト名：Oracle Enterprise Manager 10.x/11.x

回避策：アップデートにて対応

脆弱性：データ操作, 機密情報の奪取, DoS攻撃, 不特定のエラー, 不正HTTPのリクエスト, ファイル内容の曝露

ソース：http://www.oracle.com/technetwork/oem/grid-control/overview/index.html?origref=http://secunia.com/advisories/product/2565/

http://www.oracle.com/us/products/enterprise-manager/index.htm

http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html#AppendixEM

http://secunia.com/advisories/45275/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0811

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0816

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0822

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0830

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0831

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0845

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0848

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0852

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0870

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0875

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0876

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0877

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0879

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0881

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0882

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2244

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2248

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2257

CVE：CVE-2011-0811, CVE-2011-0816, CVE-2011-0822, CVE-2011-0830, CVE-2011-0831, CVE-2011-0845, CVE-2011-0848, CVE-2011-0852, CVE-2011-0870, CVE-2011-0875, CVE-2011-0876, CVE-2011-0877, CVE-2011-0879, CVE-2011-0881, CVE-2011-0882, CVE-2011-2244, CVE-2011-2248, CVE-2011-2257

危険性：Medium Risk