Vulnerability Details CVE-2005-3923
NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive information, including passwords, by downloading the _versioning_repository_/rollbacklog.xml file, then using it to download and modify the associated ZIP file to edit and republish the site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/17667
- http://www.schneier.com/blog/archives/2005/11/possible_net_ob.html
- http://www.vupen.com/english/advisories/2005/2555
- http://secunia.com/advisories/17667
- http://www.schneier.com/blog/archives/2005/11/possible_net_ob.html
- http://www.vupen.com/english/advisories/2005/2555
Products affected by CVE-2005-3923
-
cpe:2.3:a:netobjects:netobjects_fusion:9