CVE-2005-2444

Name of the Vulnerable Software and Affected Versions Trillian Pro version 3.1 build 121

Description The issue allows local users to obtain sensitive information due to the storage of passwords in plaintext in a world-readable file. This occurs when checking Yahoo e-mail, and the file is not deleted after login. The flaw may lead to unauthorized password exposure, specifically when the Check Mail function is used, potentially resulting in a loss of confidentiality.

Recommendations For Trillian Pro version 3.1 build 121, consider disabling the Check Mail function for Yahoo e-mail until a fix is available to prevent unauthorized access to sensitive information. Restrict access to the file that stores passwords in plaintext to minimize the risk of exploitation.