CVE-2011-0848

Description

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Model.

Affected products

oracle / database_server10.1.0.5 – 10.1.0.5
oracle / database_server10.2.0.3 – 10.2.0.3
oracle / database_server10.2.0.4 – 10.2.0.4
oracle / database_server10.2.0.5 – 10.2.0.5
oracle / database_server11.1.0.7 – 11.1.0.7
oracle / database_server11.2.0.1 – 11.2.0.1
oracle / database_server11.2.0.2 – 11.2.0.2
oracle / enterprise_manager_grid_control10.1.0.6 – 10.1.0.6
oracle / enterprise_manager_grid_control10.2.0.5 – 10.2.0.5

References

MISChttp://www.us-cert.gov/cas/techalerts/TA11-201A.html
VENDOR_ADVISORYhttp://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html