154 matches found
Design/Logic Flaw
Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01...
CVE-2007-3861
Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01...
CVE-2007-3861
Technical details for CVE-2007-3861 are not publicly available in the provided documents; no specific affected products, root cause, or remediation are given. Monitor for official updates.
CVE-2007-3861
Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01...
CVE-2007-3863
Unspecified vulnerability in Oracle JDeveloper for Application Server 10.1.2.2 and 10.1.3.1, and Collaboration Suite 10.1.2, allows context-dependent attackers to have an unknown impact via custom applications that use JBO.SERVER, aka JDEV02...
CVE-2007-3863
Technical details for CVE-2007-3863 are not publicly provided in the supplied documents. No explicit affected versions, root cause, impact, or remediation are described here. Monitor for updates from Oracle advisories and security feeds.
CVE-2005-2292
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in 1 IDEConnections.xml, 2 XSQLConfig.xml and 3 settings.xml, which allows local users to obtain sensitive information...
CVE-2005-2291
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information...
CVE-2005-2292
CVE-2005-2292 : Oracle JDeveloper versions 9.0.4, 9.0.5, and 10.1.2 store cleartext passwords in IDEConnections.xml, XSQLConfig.xml, and settings.xml. The issue allows local users to obtain sensitive information from these configuration files. The connected documents confirm the affected products...
CVE-2005-2291
CVE-2005-2291 : Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 pass the cleartext password as a parameter when starting sqlplus, enabling local users to gain sensitive information. The connected documents confirm the affected products and the root cause (password passed in cleartext as a startup para...
CVE-2005-2291
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information...
CVE-2005-2292
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in 1 IDEConnections.xml, 2 XSQLConfig.xml and 3 settings.xml, which allows local users to obtain sensitive information...
Oracle JDeveloper Plaintext Passwords
Name Oracle JDeveloper Plaintext Passwords Systems Affected Oracle JDeveloper 9.0.4, 9.0.5, 10.1.2 Severity Low Risk Category Information Disclosure of Passwords Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 13 July 2005 V 1.00 Advisory...
Name Oracle JDeveloper passes Plaintext Password
Name Oracle JDeveloper passes Plaintext Password Systems Affected Oracle JDeveloper 9.0.4, 9.0.5, 10.1.2 Severity Low Risk Category Information disclosure of Passwords Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 12 July 2005 V 1.00 Advisory...