Vulnerability Description
Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aenovo | Aenovo | All versions |
| Aenovo | Aenovoshop | All versions |
| Aenovo | Aenovowysi | All versions |
References
- http://marc.info/?l=bugtraq&m=112872593432359&w=2
- http://secunia.com/advisories/17117/Vendor Advisory
- http://www.kapda.ir/advisory-78.htmlExploitVendor Advisory
- http://www.osvdb.org/19939
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22549
- http://marc.info/?l=bugtraq&m=112872593432359&w=2
- http://secunia.com/advisories/17117/Vendor Advisory
- http://www.kapda.ir/advisory-78.htmlExploitVendor Advisory
- http://www.osvdb.org/19939
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22549
FAQ
What is CVE-2005-3209?
CVE-2005-3209 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access...
How severe is CVE-2005-3209?
CVE-2005-3209 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3209?
Check the references section above for vendor advisories and patch information. Affected products include: Aenovo Aenovo, Aenovo Aenovoshop, Aenovo Aenovowysi.