CVE-2006-4745

Name of the Vulnerable Software and Affected Versions ScaryBear PocketExpense Pro version 3.9.1

Description The issue allows local users to disable authentication and access a data file by modifying a certain value in the file header, because the file's contents are stored in plaintext and protected by an internally recorded key.

Recommendations For ScaryBear PocketExpense Pro version 3.9.1, consider modifying the application to store data files securely, such as by using encryption, and ensure that authentication mechanisms are properly implemented to prevent unauthorized access.