CVE-2007-2883

Name of the Vulnerable Software and Affected Versions Credant Mobile Guardian Shield for Windows versions 5.2.1.105 and earlier

Description The issue allows local users to obtain sensitive information, such as account names and passwords, which are stored in plaintext in memory. This can be achieved by reading the paging file or by dumping and searching the memory image. The problem crosses privilege boundaries because the product is intended to protect data on a stolen computer.

Recommendations For versions 5.2.1.105 and earlier, consider disabling the feature that stores account names and passwords in memory until a patch is available. Restrict access to the memory image and the paging file to minimize the risk of exploitation. Avoid using the product to store sensitive information until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.