Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2004-0351 | First vendor Publication | 2004-11-23 |
| Vendor | Cve | Last vendor Modification | 2024-11-20 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0351 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 6316 | Spider Sales Public/Private Keys Insecure Storage Spider Sales contains a flaw that may allow a local attacker user to decrypt sensitive information stored in the database. The issue is due to the private key being stored in the same database and table as the public key. By accessing the database, it is possible that a local attacker gets private key to descrypt data, resulting in a loss of confidentiality. |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:22:53 |
|
| 2024-11-28 12:06:04 |
|
| 2021-05-04 12:02:18 |
|
| 2021-04-22 01:02:28 |
|
| 2020-05-23 00:15:46 |
|
| 2017-07-11 12:01:25 |
|
| 2016-10-18 12:01:19 |
|
| 2013-05-11 11:41:02 |
|
