CVE-2005-3112
Summary
| CVE | CVE-2005-3112 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-09-30 10:05:00 UTC |
| Updated | 2008-09-05 20:53:00 UTC |
| Description | The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Macromedia | Breeze | 5 | All | All | All |
| Application | Macromedia | Breeze | 5 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Macromedia - MPSB05-06 : Breeze 5.0 Password Reset Encryption | CONFIRM | www.macromedia.com | Patch, Vendor Advisory |
| Macromedia Breeze Plaintext Password Storage Weakness | BID | www.securityfocus.com | |
| About Secunia Research | Flexera | SECUNIA | secunia.com | |
| SecurityTracker.com Archives - Macromedia Breeze Password Reset Feature May Disclose Passwords | SECTRACK | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.