Incomplete Cleanup
CVE-2005-2293
Summary
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-459 - Incomplete Cleanup
The software does not properly "clean up" and remove temporary or supporting resources after they have been used.
References
Advisory Timeline
- Published