CVE-2005-3203

Currently unrated

Key Information:

Vendor: Oracle
Status: Html Db
Vendor: CVE Published:; 14 October 2005

Summary

The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges.

References

http://www.securityfocus.com/bid/15033

vdb-entryx_refsource_BID

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

http://secunia.com/advisories/14935/

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Oct 14, 2005
Vulnerability Reserved
Oct 14, 2005