VYPR
Unrated severityNVD Advisory· Published Jul 26, 2005· Updated Jun 16, 2026

CVE-2005-2378

CVE-2005-2378

Description

Directory traversal vulnerability in Oracle Reports allows remote attackers to read arbitrary files via an absolute or relative path to the (1) CUSTOMIZE or (2) desformat parameters to rwservlet. NOTE: vector 2 is probably the same as CVE-2006-0289, and fixed in Jan 2006 CPU.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:oracle:reports:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:oracle:reports:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.