CVE-2005-3112
Summary
| CVE | CVE-2005-3112 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-09-30 10:05:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords. |
Risk And Classification
Primary CVSS: v2.0 2.1 from [email protected]
AV:L/AC:L/Au:N/C:P/I:N/A:N
Problem Types: NVD-CWE-Other | n/a
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
NoneAvailability
NoneAV:L/AC:L/Au:N/C:P/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Macromedia | Breeze | 5 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Macromedia Breeze Plaintext Password Storage Weakness | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Macromedia - MPSB05-06 : Breeze 5.0 Password Reset Encryption | af854a3a-2127-422b-91ae-364da2661108 | www.macromedia.com | Patch, Vendor Advisory |
| About Secunia Research | Flexera | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| SecurityTracker.com Archives - Macromedia Breeze Password Reset Feature May Disclose Passwords | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.