Description
The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed.
Remediation
References
Related Vulnerabilities
MyBB CVE-2006-0218 Vulnerability (CVE-2006-0218)
YOURLS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2021-3734)
WordPress Plugin Instagram Feed Unspecified Vulnerability (1.11.3)
Oracle JRE CVE-2013-5823 Vulnerability (CVE-2013-5823)
WordPress Plugin WP to Twitter Cross-Site Request Forgery (3.2.9)