Description
Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without encryption, which allows local users to obtain the key via the SGA.
Remediation
References
Related Vulnerabilities
WordPress CVE-2020-25286 Vulnerability (CVE-2020-25286)
WordPress Plugin MasterStudy LMS-for Online Courses and Education SQL Injection (3.2.5)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
WordPress Plugin NextCellent Gallery-NextGEN Legacy Cross-Site Scripting (1.9.17)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-1133)