Information Disclosure in eyeOS by eyeOS Technologies
CVE-2005-3414

Currently unrated

Key Information:

Vendor: Eyeos Project
Status: Eyeos
Vendor: CVE Published:; 1 November 2005

🔔 Create Eyeos Project Vulnerability Alert

What is CVE-2005-3414?

The eyeOS 0.8.4 version has a significant vulnerability that allows unauthorized access to sensitive user information. The application improperly stores the usrinfo.xml file within its web document root, lacking adequate access controls. This misconfiguration permits remote attackers to retrieve user credentials, exposing personal and confidential data. Users and administrators of eyeOS should apply the latest security updates and implement appropriate access control measures to mitigate this risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/22938

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/15256

vdb-entryx_refsource_BID

http://www.thebillygoatcurse.com/advisories/eyeOS_0.8.4_M...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2005
Vulnerability Reserved
Nov 1, 2005

CVE-2005-3414 Data

JSON