Internet threat level: 1
Home→Descriptions→SA51006
Oracle Secure Global Desktop Unspecified Vulnerability
| Secunia ID | |
| CVE-ID | |
| Release Date |
17 Oct 2012 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Software |
Oracle Secure Global Desktop 4.x |
| Where | |
| Impact |
Manipulation of dataThis includes vulnerabilities where a user or a remote attacker can manipulate local data on a system, but not necessarily be able to gain escalated privileges or system access. The most frequent type of vulnerabilities with this impact are SQL-injection vulnerabilities, where a malicious user or person can manipulate SQL queries. |
| Description |
A vulnerability has been reported in Oracle Secure Global Desktop, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an unspecified error and can be exploited to update, insert, or delete certain data via HTTP. The vulnerability is reported in version 4.6. |
| Solution |
Apply updates (please see the vendor's advisory for details). |
| Reported by |
It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for October 2012 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. |
| Original Advisory |
Oracle: |
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.