mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
114 lines
3.5 KiB
JSON
114 lines
3.5 KiB
JSON
{
|
|
"id": "CVE-2005-2294",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2005-07-18T04:00:00.000",
|
|
"lastModified": "2017-07-11T01:32:47.860",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Oracle Forms 4.5, 6.0, 6i, y 9i en Unix, cuando un n\u00famero elevado de filas son recuperadas por un formulario Oracle, almacena una copia de las tablas de la base de datos en un fichero legible por todo el mundo, lo que permite que usuarios locales obtengan informaci\u00f3n confidencial tal como n\u00fameros de tarjeta de cr\u00e9dito."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 2.1
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:forms:4.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1B720808-BCFF-4917-82E3-2F7B11355406"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:forms:6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38D1AB63-14C5-4343-962B-BC8FC03B412A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:forms:6i:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D38985A2-F5F6-4157-92C0-CE80B7F37013"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:forms:9i:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "75E934ED-92DE-47C3-94C4-6714A32FC32A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=112129398711846&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.red-database-security.com/advisory/oracle_forms_unsecure_temp_file_handling.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21347",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |