Vulnerability CVE-2002-0343


Published: 2002-06-25   Modified: 2012-02-12

Description:
Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords.

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Hotline communications -> Hotline connect 

 References:
http://marc.info/?l=bugtraq&m=101495128121299&w=2
http://www.iss.net/security_center/static/8327.php
http://www.securityfocus.com/bid/4210

Copyright 2024, cxsecurity.com

 

Back to Top