CVE-2005-2294 Information

Description

Oracle Forms 4.5 6.0 6i and 9i on Unix when a large number of records are retrieved by an Oracle form stores a copy of the database tables in a world-readable temporary file which allows local users to gain sensitive information such as credit card numbers.

Reference

http://marc.info/?l=bugtraq&m=112129398711846&w=2 http://secunia.com/advisories/15991/ http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html http://www.red-database-security.com/advisory/oracle_forms_unsecure_temp_file_handling.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21347