CVE-2005-3923

2005-11-3011:00:00

mitre

www.cve.org

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

79.1%

JSON

NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive information, including passwords, by downloading the versioning_repository/rollbacklog.xml file, then using it to download and modify the associated ZIP file to edit and republish the site.

References

secunia.com/advisories/17667

www.schneier.com/blog/archives/2005/11/possible_net_ob.html

www.vupen.com/english/advisories/2005/2555