CVE-2005-2294

Currently unrated

Key Information:

Vendor: Oracle
Status: Forms
Vendor: CVE Published:; 18 July 2005

Summary

Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers.

References

http://www.red-database-security.com/advisory/oracle_form...

x_refsource_MISC

http://marc.info/?l=bugtraq&m=112129398711846&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/15991/

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jul 18, 2005
Vulnerability Reserved
Jul 17, 2005