PT-2005-2183 · Musicmatch · Musicmatch

Robert Fly

Published

2005-04-18

Updated

2016-10-18

CVE-2005-1167

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Musicmatch versions 10.00.2047 and earlier

Description The issue allows local users to potentially obtain sensitive information because log files are stored in the Program Files directory instead of the user profile.

Recommendations For Musicmatch versions 10.00.2047 and earlier, consider changing the log file storage location to the user profile directory to minimize the risk of sensitive information disclosure.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1167

Affected Products

Musicmatch

PT-2005-2183 · Musicmatch · Musicmatch

CVE-2005-1167

Related Identifiers

Affected Products

References · 3