Description
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.
Remediation
References
Related Vulnerabilities
Atlassian Jira Incorrect Authorization Vulnerability (CVE-2019-3403)
OpenSSL Other Vulnerability (CVE-2005-1797)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2079)
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9014)
WordPress Plugin Background Music Cross-Site Scripting (1.0)