Re: Oracle 12c EM report files marked as CVE2015-7645 exploits

  • From: Niall Litchfield <niall.litchfield@xxxxxxxxx>
  • To: De DBA <dedba@xxxxxxxxxx>
  • Date: Mon, 26 Oct 2015 06:15:29 +0000

The files are used by EM Express to provide various interactive performance
reporting functionality. Looking at
https://helpx.adobe.com/security/products/flash-player/apsa15-05.html
suggests that updating Flash Player, which your organization will probably
do anyway, will mitigate the issue. It doesn't seem beyond the realms of
possibility that doing so might have adverse effects on EM Express.

On Mon, Oct 26, 2015 at 12:15 AM, De DBA <dedba@xxxxxxxxxx> wrote:

Morning.

Overnight the weekly clamscan picked up some flash files that it
identified as exploits of the CVE 2015-7645 Adobe Flash vulnerability:

/u00/oracle/12c/rdbms/xml/em/orarep/sqlmonitor/SqlMonitor.swf: Swf.Exploit.CVE_2015_7645 FOUND
/u00/oracle/12c/rdbms/xml/em/orarep/perfhub/SqlHub.swf: Swf.Exploit.CVE_2015_7645 FOUND
/u00/oracle/12c/rdbms/xml/em/orarep/sqlpa/sqlpa.swf: Swf.Exploit.CVE_2015_7645 FOUND
/u00/oracle/12c/rdbms/xml/em/orarep/sqltune/emSqlTuning.swf: Swf.Exploit.CVE_2015_7645 FOUND
/u00/oracle/12c/rdbms/xml/em/orarep/sql_detail/emSqlDetails.swf: Swf.Exploit.CVE_2015_7645 FOUND


This is a complete installation of 12c (12.1.0.1.0). It seems unlikely to
me that Oracle would include malicious software, but perhaps better to
remove these flash files? Does anyone know what they are for?

Cheers,
Tony

--
Niall Litchfield
Oracle DBA
http://www.orawin.info
