Vulnerabilities > Oracle > Jdeveloper > 9.0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-18 | CVE-2005-2292 | Information Disclosure vulnerability in Oracle Jdeveloper 10.1.2/9.0.4/9.0.5 Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information. | 2.1 |
2005-07-18 | CVE-2005-2291 | Information Disclosure vulnerability in Oracle Jdeveloper 10.1.2/9.0.4/9.0.5 Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. | 4.6 |