CVE-2006-6286

Name of the Vulnerable Software and Affected Versions Palm Desktop versions 4.1.4 and earlier

Description The issue allows local users to obtain sensitive information, including address books, calendar files, and todo lists of other users, due to weak permissions used to store user data under the application directory. The exact vectors used for exploitation are not specified.

Recommendations For Palm Desktop versions 4.1.4 and earlier, consider restricting access to the application directory to minimize the risk of sensitive information disclosure until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.