EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2004-02/0503.html | Broken Link Patch Vendor Advisory |
http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0871.html | Broken Link Vendor Advisory |
http://secunia.com/advisories/10898 | Broken Link |
http://securitytracker.com/alerts/2004/Feb/1009085.html | Broken Link Third Party Advisory VDB Entry |
http://www.earlyimpact.com/productcart/support/updates/ReadMe_ProductCart_Security_Patch_013004.txt | Exploit Third Party Advisory |
http://www.osvdb.org/3979 | Broken Link |
http://www.s-quadra.com/advisories/Adv-20040216.txt | Broken Link Patch Vendor Advisory |
http://www.securityfocus.com/archive/1/354288 | Broken Link Third Party Advisory VDB Entry Vendor Advisory |
http://www.securityfocus.com/bid/9669 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15231 | Third Party Advisory VDB Entry |
Configurations
History
14 Feb 2024, 16:58
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-326 | |
References | () http://archives.neohapsis.com/archives/bugtraq/2004-02/0503.html - Broken Link, Patch, Vendor Advisory | |
References | () http://archives.neohapsis.com/archives/fulldisclosure/2004-02/0871.html - Broken Link, Vendor Advisory | |
References | () http://secunia.com/advisories/10898 - Broken Link | |
References | () http://securitytracker.com/alerts/2004/Feb/1009085.html - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.earlyimpact.com/productcart/support/updates/ReadMe_ProductCart_Security_Patch_013004.txt - Exploit, Third Party Advisory | |
References | () http://www.osvdb.org/3979 - Broken Link | |
References | () http://www.s-quadra.com/advisories/Adv-20040216.txt - Broken Link, Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/354288 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/9669 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/15231 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:early_impact:productcart:1.6_b:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6_b003:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6_b002:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6_br003:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.5004:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6_br001:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6002:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.5003r:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.5002:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6_b001:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:2.5:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:2.0:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6003:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.5:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:2.0_br000:*:*:*:*:*:*:* cpe:2.3:a:early_impact:productcart:1.6_br:*:*:*:*:*:*:* |
cpe:2.3:a:netsourcecommerce:productcart:*:*:*:*:*:*:*:* |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
First Time |
Netsourcecommerce productcart
Netsourcecommerce |
Information
Published : 2004-12-31 05:00
Updated : 2024-02-14 16:58
NVD link : CVE-2004-2172
Mitre link : CVE-2004-2172
CVE.ORG link : CVE-2004-2172
JSON object : View
Products Affected
netsourcecommerce
- productcart
CWE
CWE-326
Inadequate Encryption Strength