PT-2006-4535 · Apple+1 · Macos X+1

Published

2006-07-17

Updated

2018-10-18

CVE-2006-3669

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mercury Messenger versions 1.7.1.1 and other versions

Description The issue allows local users to read chat logs from other users due to the world-readable permissions of the chat logs stored within the /Users directory on a multi-user Mac OS X platform.

Recommendations For Mercury Messenger version 1.7.1.1, consider changing the permissions of the chat logs to prevent other users from reading them. For other affected versions, change the permissions of the chat logs to restrict access to the intended user.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-3669

Affected Products

Macos X

Mercury Messenger

PT-2006-4535 · Apple+1 · Macos X+1

CVE-2006-3669

Related Identifiers

Affected Products

References · 4