ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-09-13T22:00:00
Updated: 2024-08-07T19:23:41.138Z
Reserved: 2006-09-13T00:00:00
Link: CVE-2006-4745
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-09-13T22:07:00.000
Modified: 2024-11-21T00:16:39.863
Link: CVE-2006-4745
Redhat
No data.