Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-06-11T04:00:00

Updated: 2024-08-08T02:56:38.255Z

Reserved: 2002-06-07T00:00:00

Link: CVE-2002-0568

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2002-07-03T04:00:00.000

Modified: 2024-11-20T23:39:23.147

Link: CVE-2002-0568

cve-icon Redhat

No data.