PT-2005-3221 · Oracle · Oracle Forms
Alexander Kornbrust
·
Publicado
2005-07-17
·
Atualizado
2024-02-08
·
CVE-2005-2293
CVSS v2.0
2.1
Baixa
| Vetor | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Oracle Forms versions 9.0.4
Description:
The issue allows local users to obtain sensitive database information because database usernames and passwords are stored in a temporary file that is not properly deleted after use.
Recommendations:
For Oracle Forms version 9.0.4, consider implementing a secure method to handle temporary files, such as immediately deleting them after use, to prevent unauthorized access to sensitive database credentials.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Oracle Forms