cbcvebase.
CVE-2005-2371
published 2005-07-26

CVE-2005-2371: Directory traversal vulnerability in Oracle Reports 6.0, 6i, 9i, and 10g allows remote attackers to overwrite arbitrary files via (1) "..", (2) Windows drive…

PriorityP431medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
22.29%
97.4th percentile
Directory traversal vulnerability in Oracle Reports 6.0, 6i, 9i, and 10g allows remote attackers to overwrite arbitrary files via (1) "..", (2) Windows drive letter (C:), and (3) absolute path sequences in the desname parameter. NOTE: this issue was probably fixed by REP06 in CPU Jan 2006, in which case it overlaps CVE-2006-0289.

Affected

6 ranges
VendorProductVersion rangeFixed in
oracleapplication_server
oraclee-business_suite
oraclereports
oraclereports
oraclereports
oraclereports
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.