Advisory: Oracle Enterprise Manager Segment Advisor Arbitrary URL redirection/phishing vulnerabilityTeam Shatter Exclusive

Posted February 20, 2013 by Alex Rothacker in Oracle, Security Advisory, Team Shatter Exclusive with 0 comments

Risk Level:

High

Affected versions:
Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4; 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3

Remote exploitable:
Yes

Credits:
This vulnerability was discovered and researched by Qinglin Jiang of Application Security Inc.

Details:
Oracle Enterprise Manager Database Control Segment Advisor page is vulnerable to an arbitrary URL redirection/phishing vulnerability. An attacker may inject an arbitrary URL into the web application and force the application to redirect to it without any validation. This vulnerability can be used in phishing attacks to trick legitimate users to visit malicious sites without realizing it. The affected link and parameter are /em/console/database/xdb/XDBResource and cancelURL.

*Download AppDetectivePRO Now for a FREE Database Security Assessment*

Impact:
A remote attacker can redirect a legitimate user to a arbitrary URL, which can result in phishing attacks, trojan distribution, and spamming.

Vendor Status:
Vendor was contacted and a patch was released.

Workaround:
There is no workaround for this vulnerability.

Fix:
Apply January 2013 CPU.

CVE:
CVE-2012-3219

Links:
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
https://www.teamshatter.com/topics/general/team-shatter-exclusive/advisory-oracle-enterprise-manager-segment-advisor-arbitrary-url-redirectionphishing-vulnerability/

Timeline:
Vendor Notification – 4/26/2012
Vendor Response – 5/3/2012
Fix – 1/15/2013
Public Disclosure – 2/20/2013

*Download AppDetectivePRO Now for a FREE Database Security Assessment*

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

Please note: JavaScript is required to post comments.

Powered by