RSS   Podatności dla 'Transact suite'   RSS

2010-09-07
 
CVE-2010-3245

 
 
The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batch (.bat) files, which allows local users to obtain sensitive information by reading a file.

 
 
CVE-2010-3244

CWE-200
 
 
BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml file that contains an encrypted password in the <Server> field.

 

 >>> Vendor: Blackboard 11 Produkty
Courseinfo
Blackboard
Vista
Blackboard learning and community post systems
Academic suite
Blackboard academic suite
Blackboard learning and community portal suite
Transact suite
Vista/ce
Blackboard learn
Collaborate ultra

Copyright 2024, cxsecurity.com

 

Back to Top