CVE-2005-2294

Name of the Vulnerable Software and Affected Versions: Oracle Forms versions 4.5, 6.0, 6i, and 9i

Description: The issue allows local users to gain sensitive information, such as credit card numbers, when a large number of records are retrieved by an Oracle form. This occurs because the system stores a copy of the database tables in a world-readable temporary file.

Recommendations: For Oracle Forms versions 4.5, 6.0, 6i, and 9i, consider restricting access to the temporary files generated by the system to minimize the risk of sensitive information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.