CVE-2005-2292

Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.

Date published : 2005-07-17

http://marc.info/?l=bugtraq&m=112129177927502&w=2

http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html