Max Perience

**Name of the Vulnerable Software and Affected Versions** Quicksilver versions with Social Bookmarks (del.icio.us) plug-in 8F **Description** The issue allows local users to obtain sensitive information, such as usernames and passwords, by reading the /Library/Logs/Console/UID/Console.log file. This is because the Social Bookmarks (del.icio.us) plug-in writes this information in plaintext to the log file. **Recommendations** For Quicksilver with the Social Bookmarks (del.icio.us) plug-in 8F, consider restricting access to the /Library/Logs/Console/UID/Console.log file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.