J.R. Wikes

Name of the Vulnerable Software and Affected Versions: Palm OS Treo smart phones (affected versions not specified) Description: The issue allows attackers with physical access to obtain sensitive information from the device's memory by utilizing the Find feature, which remains operational even when the system is locked with a password. This can be achieved through text searches or paste operations after pressing specific keyboard shortcut keys. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Password Safe versions 2.11 through 3.0BETA1 **Description** The issue concerns the password database locking mechanism. When specific dialogue windows are open, the configuration settings for locking the database are not respected. This could allow attackers with physical access to obtain the database contents. **Recommendations** For versions 2.11 through 3.0BETA1, consider implementing additional access controls to the password database when dialogue windows are open, such as manually locking the database or restricting physical access to the device.