Description

The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.

Remediation

References

CVE-2005-0298

Related Vulnerabilities

phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16108)

WordPress Plugin Crelly Slider Arbitrary File Upload (1.3.4)

WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.22)

Apache HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2003-1418)

Nginx Out-of-bounds Write Vulnerability (CVE-2011-4315)

Severity

Medium

Classification

CVE-2005-0298

Tags

Missing Update Known Vulnerabilities