Vulnerability Details CVE-2005-2293
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- http://marc.info/?l=bugtraq&m=112129452232307&w=2
- http://secunia.com/advisories/15991/
- http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html
- http://www.red-database-security.com/advisory/oracle_formsbuilder_temp_file_issue.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21343
- http://marc.info/?l=bugtraq&m=112129452232307&w=2
- http://secunia.com/advisories/15991/
- http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html
- http://www.red-database-security.com/advisory/oracle_formsbuilder_temp_file_issue.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21343
Products affected by CVE-2005-2293
-
cpe:2.3:a:oracle:forms_builder:9.0.4