PT-2005-2411 · Exoticsoft · Filepocket
Publicado
2005-05-03
·
Atualizado
2017-07-11
·
CVE-2005-1414
CVSS v2.0
4.6
Média
| Vetor | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
ExoticSoft FilePocket version 1.2
Description:
The issue concerns the storage of sensitive proxy information. Specifically, proxy passwords are stored in plaintext in the registry. This allows local users to gain privileges.
Recommendations:
For ExoticSoft FilePocket version 1.2, consider restricting access to the registry to minimize the risk of exploitation. As a temporary workaround, avoid using the proxy feature until a secure method of storing proxy information is implemented.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Filepocket