Description
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.
Remediation
References
Related Vulnerabilities
Masa CMS Incorrect Authorization Vulnerability (CVE-2022-47002)
Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21696 )
Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-28923)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-8011)