Oracle Application Server Credentials Management Errors Vulnerability - CVE-2004-1366
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file which could allow local users to gain DBA privileges.