Vulnerability Details CVE-2004-2134
Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.7%
CVSS Severity
CVSS v2 Score 4.6
References
- http://marc.info/?l=bugtraq&m=107531028325112&w=2
- http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=803&lngWId=5
- http://www.securityfocus.com/archive/1/352315/30/21430/threaded
- http://www.securityfocus.com/archive/82/351719
- http://www.securityfocus.com/bid/9515
- http://marc.info/?l=bugtraq&m=107531028325112&w=2
- http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=803&lngWId=5
- http://www.securityfocus.com/archive/1/352315/30/21430/threaded
- http://www.securityfocus.com/archive/82/351719
- http://www.securityfocus.com/bid/9515
Products affected by CVE-2004-2134
-
cpe:2.3:a:oracle:application_server:9.0.2
-
cpe:2.3:a:oracle:application_server:9.0.2.0.0
-
cpe:2.3:a:oracle:application_server:9.0.2.0.1
-
cpe:2.3:a:oracle:application_server:9.0.2.1
-
cpe:2.3:a:oracle:application_server:9.0.2.2
-
cpe:2.3:a:oracle:application_server:9.0.2.3
-
cpe:2.3:a:oracle:application_server:9.0.3