Description
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability."
Remediation
References
Related Vulnerabilities
WordPress Plugin Visual Form Builder Multiple Vulnerabilities (2.8.2)
Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3185)
PHP Other Vulnerability (CVE-2007-1453)
WordPress Plugin TRADIES Information Disclosure (2.2.6)
WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7)