Description
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
Remediation
References
Related Vulnerabilities
WordPress Plugin Zingiri Web Shop Unspecified Vulnerability (2.6.5)
Oracle Application Server Resource Management Errors Vulnerability (CVE-2007-2120)
WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)
WordPress Plugin WP Mailto Links-Manage Email Links Cross-Site Scripting (2.0.1)