CVE-2005-3209

Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.

Published: Oct 14, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3209
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
aenovo / aenovoshop	-	-
aenovo / aenovowysi	-	-
aenovo / aenovo	-	-

http://marc.info/?l=bugtraq&m=112872593432359&w=2
http://secunia.com/advisories/17117/
http://www.kapda.ir/advisory-78.html
http://www.osvdb.org/19939
https://exchange.xforce.ibmcloud.com/vulnerabilities/22549

Vulnerability Database

289,871

CVE-2005-3209