CVE-2005-3209

Sažetak

Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.

Reference

http://marc.info/?l=bugtraq&m=112872593432359&w=2
http://secunia.com/advisories/17117/
http://www.kapda.ir/advisory-78.html
http://www.osvdb.org/19939
https://exchange.xforce.ibmcloud.com/vulnerabilities/22549

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:33

Objavljeno

14-10-2005 - 10:02