VYPR

Jdeveloper

by Oracle Corporation

CVEs (24)

  • CVE-2007-3863Jul 18, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Oracle JDeveloper for Application Server 10.1.2.2 and 10.1.3.1, and Collaboration Suite 10.1.2, allows context-dependent attackers to have an unknown impact via custom applications that use JBO.SERVER, aka JDEV02.

  • CVE-2007-3861Jul 18, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Oracle Jdeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 allows context-dependent attackers to have an unknown impact via custom applications that use JBO.KEY, aka JDEV01.

  • CVE-2005-2291Jul 18, 2005
    risk 0.00cvss epss 0.01

    Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information.

  • CVE-2005-2292Jul 18, 2005
    risk 0.00cvss epss 0.01

    Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.

Page 2 of 2