VYPR
Unrated severityNVD Advisory· Published Jul 26, 2005· Updated Jun 16, 2026

CVE-2005-2371

CVE-2005-2371

Description

Directory traversal vulnerability in Oracle Reports 6.0, 6i, 9i, and 10g allows remote attackers to overwrite arbitrary files via (1) "..", (2) Windows drive letter (C:), and (3) absolute path sequences in the desname parameter. NOTE: this issue was probably fixed by REP06 in CPU Jan 2006, in which case it overlaps CVE-2006-0289.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:oracle:reports:10g:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:oracle:reports:10g:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:reports:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:reports:6i:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:reports:9i:*:*:*:*:*:*:*
    • (no CPE)range: 6.0, 6i, 9i, 10g

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.