High severity7.5NVD Advisory· Published Aug 3, 2007· Updated Jun 16, 2026
CVE-2007-4150
CVE-2007-4150
Description
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (XOR) when (1) transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and (2) storing passwords in the configuration file, which allows local users to obtain sensitive information by reading this file.
Affected products
3cpe:2.3:a:visionsoft:audit:12.4.0.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:visionsoft:audit:12.4.0.0:*:*:*:*:*:*:*
- (no CPE)range: 12.4.0.0
- Range: 12.4.0.0
Patches
Vulnerability mechanics
References
3- www.portcullis.co.uk/uplds/advisories/vapassword%20-%2006-042.txtnvdBroken LinkVendor Advisory
- www.securityfocus.com/bid/25153nvdBroken LinkThird Party AdvisoryVDB Entry
- osvdb.org/46979nvdBroken Link
News mentions
0No linked articles in our index yet.