Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3852

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3852
Last Modified 03 Jul 2013 10:48:52
Published 27 Nov 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3852

Summary

SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter.

Vulnerable Systems

Application

  • Onlinetechtools.com Owos Lite 3.0


References

VUPEN - ADV-2005-2584

SECUNIA - 17711

OSVDB - 21116

MISC - http://pridels0.blogspot.com/2005/11/owos-lite-30-sql-inj.html


Last Updated: 27 May 2016 10:41:04