This script is Copyright (C) 2016 Tenable Network Security, Inc.
The application installed on the remote host is affected by a
remote code execution vulnerability.
The version of Allround Automations PL/SQL Developer installed on the
remote host is prior to 220.127.116.116. It is, therefore, affected by a
remote code execution vulnerability due to a failure to properly
verify the origin or authenticity of update data sent via HTTP. A
man-in-the-middle attacker can exploit this to modify the
client-server data stream to change the update, allowing the execution
of arbitrary code.
Upgrade to PL/SQL Developer version 18.104.22.1686 or later.
Risk factor :
Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 4.8
Public Exploit Available : true