PT-2001-2005 · Deltathree · Deltathree Pc-To-Phone

Published

2001-12-06

Updated

2017-10-10

CVE-2001-0837

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions DeltaThree Pc-To-Phone version 3.0.3

Description The issue allows local users to read sensitive data due to its placement in world-readable locations within the installation directory. Specifically, the information can be accessed in the temp.html file, the log folder, and the PhoneBook folder.

Recommendations For DeltaThree Pc-To-Phone version 3.0.3, consider restricting access to the installation directory to prevent unauthorized reading of sensitive data. As a temporary workaround, restrict access to the temp.html file, the log folder, and the PhoneBook folder to minimize the risk of data exposure.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0837

Affected Products

Deltathree Pc-To-Phone

PT-2001-2005 · Deltathree · Deltathree Pc-To-Phone

CVE-2001-0837

Related Identifiers

Affected Products

References · 4