12 matches found
EUVD-2010-3243
Malware in sbrugna...
EUVD-2010-3244
Malware in sbrugna...
CVE-2010-3244
BbtsConnectionEdit.exe in Blackboard Transact Suite formerly Blackboard Commerce Suite before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml...
CVE-2010-3245
The automated-backup functionality in Blackboard Transact Suite formerly Blackboard Commerce Suite stores the 1 database username and 2 database password in cleartext in a script and b batch .bat files, which allows local users to obtain sensitive information by reading a file...
CVE-2010-3244
BbtsConnectionEdit.exe in Blackboard Transact Suite formerly Blackboard Commerce Suite before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml...
CVE-2010-3245
The automated-backup functionality in Blackboard Transact Suite formerly Blackboard Commerce Suite stores the 1 database username and 2 database password in cleartext in a script and b batch .bat files, which allows local users to obtain sensitive information by reading a file...
Design/Logic Flaw
The automated-backup functionality in Blackboard Transact Suite formerly Blackboard Commerce Suite stores the 1 database username and 2 database password in cleartext in a script and b batch .bat files, which allows local users to obtain sensitive information by reading a file...
Design/Logic Flaw
BbtsConnectionEdit.exe in Blackboard Transact Suite formerly Blackboard Commerce Suite before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml...
CVE-2010-3244
BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names to decide whether to decrypt a value in connection.xml, enabling local users to obtain the database password by tampering the field with an encrypted password. Affected:...
CVE-2010-3244
BbtsConnectionEdit.exe in Blackboard Transact Suite formerly Blackboard Commerce Suite before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml...
CVE-2010-3245
The automated-backup functionality in Blackboard Transact Suite formerly Blackboard Commerce Suite stores the 1 database username and 2 database password in cleartext in a script and b batch .bat files, which allows local users to obtain sensitive information by reading a file...
Blackboard Transact database credentials disclosure
Overview The Blackboard Transact application contains two vulnerabilities that allow an unauthorized user to access the database credentials. Description The Blackboard Transact application previously know as Blackboard Commerce Suite comes with a utility called BbtsConnectionEdit.exe that is use...