CVE-2005-3209

Description

Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges.

Affected products

• aenovo / aenovo
• aenovo / aenovoshop
• aenovo / aenovowysi

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/17117/
• MAILING_LISThttp://marc.info/?l=bugtraq&m=112872593432359&w=2
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22549
• MISChttp://www.kapda.ir/advisory-78.html
• MISChttp://www.osvdb.org/19939