Oracle Database Server Other Vulnerability - CVE-2006-7141

DISPUTED Absolute path traversal vulnerability in Oracle Database Server when utl_file_dir is set to a wildcard value or quotCREATE ANY DIRECTORY to PUBLICquot privileges exist allows remote authenticated users to read and modify arbitrary files via full filepaths to utl_file functions such as (1) utl_file.put_line and (2) utl_file.get_line a related issue to CVE-2005-0701. NOTE: this issue is disputed by third parties who state that this is due to an insecure configuration instead of an inherent vulnerability.