iUser Ecommerce undisclosed vulnerability
| iuser-ecommerce-undisclosed (24906) |  Low Risk |
Description:
iUser Ecommerce is vulnerable to multiple undisclosed vulnerabilities.
Platforms Affected:
- Intensive Point, iUser Ecommerce prior to 2.2
Remedy:
Upgrade to the latest version of iUser Ecommerce (2.2 or later), available from the iUser Ecommerce Web site. See References.
Consequences:
Other
References:
- Intensive Point Web site, iUser ecommerce - shopping cart software for digital products at http://www.intensivepoint.com/.
- BID-16787: Intensive Point iUser Ecommerce Unspecified Vulnerabilities
- CVE-2006-0874: Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by Urgent secure fixes. NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue (from January 8, 2005) is too vague to be sure, and CVE-2006-0854 does not provide version information.
- SA19003: iUser Ecommerce Unspecified Vulnerabilities
Reported:
Feb 23, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net