|CVSS SCORE||7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)|
|TREND MICRO CUSTOMER PROTECTION||Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 11238. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the validate_login function defined within /apache/htdocts/php/common.php. The username parameter is passed with limited sanitization to an exec_qr call which can be abused to inject commands. The sanitation that does occur can limit the exploitation of this issue, however code execution can likely still be achieved. Successful attempts will yield remote code execution under the context of the apache server.
Oracle has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Tenable Network Security