Suramya Tomar

**Name of the Vulnerable Software and Affected Versions** Trillian Pro version 3.1 build 121 **Description** The issue allows local users to obtain sensitive information due to the storage of passwords in plaintext in a world-readable file. This occurs when checking Yahoo e-mail, and the file is not deleted after login. The flaw may lead to unauthorized password exposure, specifically when the Check Mail function is used, potentially resulting in a loss of confidentiality. **Recommendations** For Trillian Pro version 3.1 build 121, consider disabling the Check Mail function for Yahoo e-mail until a fix is available to prevent unauthorized access to sensitive information. Restrict access to the file that stores passwords in plaintext to minimize the risk of exploitation.