CVE-2005-2293

Опубликовано: 18 июл. 2005

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.

Ссылки

http://marc.info/?l=bugtraq&m=112129452232307&w=2
Exploit
Mailing List
http://secunia.com/advisories/15991/
Broken Link
Patch
Vendor Advisory
http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html
Broken Link
Patch
Vendor Advisory
http://www.red-database-security.com/advisory/oracle_formsbuilder_temp_file_issue.html
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/21343
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=112129452232307&w=2
Exploit
Mailing List
http://secunia.com/advisories/15991/
Broken Link
Patch
Vendor Advisory
http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html
Broken Link
Patch
Vendor Advisory
http://www.red-database-security.com/advisory/oracle_formsbuilder_temp_file_issue.html
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/21343
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:forms_builder:9.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00158

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-459

Связанные уязвимости

GHSA-whx8-pphh-55mv