QwikSec

Security Database

CVE

CWE

Training

CVE-2005-2294

Published: Jul 17, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.red-database-security.com/advisory/oracle_forms_unsecure_temp_file_handling.html

x_refsource_MISC

20050713 Advisory: Oracle Forms Insecure Temporary File Handling

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

formsbuilder-temp-file-info-disclosure(21347)

vdb-entry

x_refsource_XF

http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.