Description

Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.

Remediation

References

CVE-2004-1366

Related Vulnerabilities

WordPress Plugin Instagram Feed Unspecified Vulnerability (1.11.3)

Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2015-3416)

WordPress Plugin YITH PayPal Express Checkout for WooCommerce Security Bypass (1.2.5)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.23)

WordPress Plugin Coming soon and Maintenance mode Cross-Site Scripting (3.5.2)

Severity

Medium

Classification

CVE-2004-1366

Tags

Missing Update Known Vulnerabilities