CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-3203

The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.0%

CVSS Severity

CVSS v2 Score 4.6

References

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0174.html
http://marc.info/?l=bugtraq&m=112870441917345&w=2
http://secunia.com/advisories/14935/
http://www.red-database-security.com/advisory/oracle_htmldb_plaintext_password.html
http://www.securityfocus.com/bid/15033
https://exchange.xforce.ibmcloud.com/vulnerabilities/22542
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0174.html
http://marc.info/?l=bugtraq&m=112870441917345&w=2
http://secunia.com/advisories/14935/
http://www.red-database-security.com/advisory/oracle_htmldb_plaintext_password.html
http://www.securityfocus.com/bid/15033
https://exchange.xforce.ibmcloud.com/vulnerabilities/22542

Products affected by CVE-2005-3203

Oracle » Html Db » Version: 1.3

cpe:2.3:a:oracle:html_db:1.3
Oracle » Html Db » Version: 1.3.6

cpe:2.3:a:oracle:html_db:1.3.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-3203

Products

Pricing

Contact Us