Description
dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp.
Remediation
References
Related Vulnerabilities
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)
WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.5.5)
MySQL CVE-2021-2060 Vulnerability (CVE-2021-2060)
WordPress Plugin ApplyOnline-Application Form Builder and Manager Arbitrary File Disclosure (1.9.92)
WordPress Plugin EZ Google Analytics Cross-Site Scripting (4.1.06)