Oracle Reports Directory Traversal Vulnerability
CVE-2005-2378 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Directory traversal vulnerability in Oracle Reports allows remote attackers to read arbitrary files via an absolute or relative path to the (1) CUSTOMIZE or (2) desformat parameters to rwservlet. NOTE: vector 2 is probably the same as CVE-2006-0289, and fixed in Jan 2006 CPU.
Learn more about our Web Application Penetration Testing UK.