Vulnerabilities > CVE-2005-2291 - Unspecified vulnerability in Oracle Jdeveloper 10.1.2/9.0.4/9.0.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN oracle
nessus
Summary
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Nessus
NASL family Solaris Local Security Checks NASL id SOLARIS8_118828.NASL description Sun Management Center 3.5.1: Solaris 8 Oracle Patch. Date this patch was last updated by Sun : Jun/02/05 last seen 2020-06-01 modified 2020-06-02 plugin id 23409 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23409 title Solaris 8 (sparc) : 118828-04 NASL family Solaris Local Security Checks NASL id SOLARIS9_118829.NASL description Sun Management Center 3.5.1: Solaris 9 Oracle Patch. Date this patch was last updated by Sun : Jun/02/05 last seen 2020-06-01 modified 2020-06-02 plugin id 23549 published 2006-11-06 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/23549 title Solaris 9 (sparc) : 118829-04