Oracle has identified a security vulnerability affecting the Oracle Universal Installer for Oracle Database Server 11g Release 2 Patchset 1 (22.214.171.124) and Oracle Enterprise Manager Grid Control 11g Release 1 (126.96.36.199.0) downloaded before November 16th 2010. This vulnerability may result in the compromise of the Oracle Single Sign-On (SSO) password used to connect to Oracle Support Systems while checking for recommended updates and patches during the initial install of these products.
(...)there is no need to re-install any software if you have already installed the product, but it is important that you update all previously downloaded installers that you may have staged internally and replace those with the updated installers.
For Oracle Enterprise Manager Grid Control customers, this includes the need to update the Oracle Management Agent installers that you may have staged for the purpose of automated agent deployment using the Agent deploy wizard or the agentDownload script.
See metalink Document 1266978.1 for additional details.