CVE-2006-7141 Information

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Absolute path traversal vulnerability in Oracle Database Server when utl_file_dir is set to a wildcard value or \CREATE ANY DIRECTORY to PUBLIC\ privileges exist allows remote authenticated users to read and modify arbitrary files via full filepaths to utl_file functions such as (1) utl_file.put_line and (2) utl_file.get_line a related issue to CVE-2005-0701. NOTE: this issue is disputed by third parties who state that this is due to an insecure configuration instead of an inherent vulnerability.

Reference

http://www.0xdeadbeef.info/exploits/raptor_orafile.sql http://www.securityfocus.com/archive/1/454862/100/0/threaded http://www.securityfocus.com/archive/1/454964/100/0/threaded http://www.securityfocus.com/archive/1/455047/100/0/threaded