Description
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.
Remediation
References
Related Vulnerabilities
MongoDb CVE-2019-2390 Vulnerability (CVE-2019-2390)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-5104)
WordPress Plugin User Submitted Posts Arbitrary File Upload (20190426)
IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-0219)
Django Uncontrolled Recursion Vulnerability (CVE-2019-14235)