Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=112872593432359&w=2 | |
http://secunia.com/advisories/17117/ | Vendor Advisory |
http://www.kapda.ir/advisory-78.html | Exploit Vendor Advisory |
http://www.osvdb.org/19939 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/22549 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-10-14T04:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-10-14T00:00:00
Link: CVE-2005-3209
JSON object: View
NVD Information
Status : Modified
Published: 2005-10-14T10:02:00.000
Modified: 2017-07-11T01:33:08.190
Link: CVE-2005-3209
JSON object: View
Redhat Information
No data.
CWE