Advisory: Oracle Enterprise Manager Segment Advisor Arbitrary URL redirection/phishing vulnerability
Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4; 10.2.0.5, 220.127.116.11, 18.104.22.168, 22.214.171.124
This vulnerability was discovered and researched by Qinglin Jiang of Application Security Inc.
Oracle Enterprise Manager Database Control Segment Advisor page is vulnerable to an arbitrary URL redirection/phishing vulnerability. An attacker may inject an arbitrary URL into the web application and force the application to redirect to it without any validation. This vulnerability can be used in phishing attacks to trick legitimate users to visit malicious sites without realizing it. The affected link and parameter are /em/console/database/xdb/XDBResource and cancelURL.
A remote attacker can redirect a legitimate user to a arbitrary URL, which can result in phishing attacks, trojan distribution, and spamming.
Vendor was contacted and a patch was released.
There is no workaround for this vulnerability.
Apply January 2013 CPU.
Vendor Notification – 4/26/2012
Vendor Response – 5/3/2012
Fix – 1/15/2013
Public Disclosure – 2/20/2013