Oracle » Jdeveloper : Security Vulnerabilities, CVEs, Published In 2005
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.
Max CVSS
2.1
EPSS Score
0.09%
Published
2005-07-18
Updated
2017-07-11
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information.
Max CVSS
4.6
EPSS Score
0.09%
Published
2005-07-18
Updated
2016-10-18
2 vulnerabilities found