PT-2012-3489 · Oracle · Oracle Enterprise Manager Grid Control Em Base Platform

Published: 2012-07-17 · Updated: 2017-08-29 · CVE-2012-1737

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

Oracle Database Server versions 11.1.0.7, 11.2.0.2, and 11.2.0.3
Enterprise Manager Grid Control EM Base Platform version 10.2.0.5
Enterprise Manager Grid Control EM Base Platform version 11.1.0.1
EM Plugin for DB version 12.1.0.1
EM Plugin for DB version 12.1.0.2

Description

The issue allows remote attackers to affect confidentiality, integrity, and availability. It is related to DB Performance Advisories/UIs. Remote attackers can bypass security restrictions, execute arbitrary SQL commands, and gain access to sensitive data.

Recommendations

For Oracle Database Server versions 11.1.0.7, 11.2.0.2, and 11.2.0.3, update to a version that includes the necessary security patches.

For Enterprise Manager Grid Control EM Base Platform version 10.2.0.5, apply the recommended security fixes.

For Enterprise Manager Grid Control EM Base Platform version 11.1.0.1, EM Plugin for DB version 12.1.0.1, and EM Plugin for DB version 12.1.0.2, restrict access to sensitive data and apply security restrictions to prevent arbitrary SQL command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related identifiers

CVE-2012-1737

Affected products

Em Plugin For Db
Oracle Enterprise Manager Grid Control Em Base Platform
Oracle Database
Oracle Database Server