CVE-2011-1840 - OpenCVE

The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android
Martinicreations	Passmanlite Password Manager

Configuration 1 [-]

AND

OR	cpe:2.3:a:martinicreations:passmanlite_password_manager::::::::
	cpe:2.3:a:martinicreations:passmanlite_password_manager:1.42:::::::*
	cpe:2.3:a:martinicreations:passmanlite_password_manager:1.43:::::::*
	cpe:2.3:a:martinicreations:passmanlite_password_manager:1.44:::::::*
	cpe:2.3:a:martinicreations:passmanlite_password_manager:1.45:::::::*
	cpe:2.3:a:martinicreations:passmanlite_password_manager:1.46:::::::*

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://securityreason.com/securityalert/8250
http://www.securityfocus.com/bid/47765
http://www.simonroses.com/wp-content/uploads/2011/05/SRF-SA-2011-01.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-05-13T17:00:00

Updated: 2024-08-06T22:37:25.892Z

Reserved: 2011-04-28T00:00:00

Link: CVE-2011-1840

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-05-13T17:05:44.517

Modified: 2011-09-22T03:30:58.680

Link: CVE-2011-1840

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-05-06T00:00:00", "descriptions": [{"lang": "en", "value": "The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-09-22T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "8250", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8250"}, {"name": "47765", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/47765"}, {"tags": ["x_refsource_MISC"], "url": "http://www.simonroses.com/wp-content/uploads/2011/05/SRF-SA-2011-01.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-1840", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "8250", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8250"}, {"name": "47765", "refsource": "BID", "url": "http://www.securityfocus.com/bid/47765"}, {"name": "http://www.simonroses.com/wp-content/uploads/2011/05/SRF-SA-2011-01.txt", "refsource": "MISC", "url": "http://www.simonroses.com/wp-content/uploads/2011/05/SRF-SA-2011-01.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:37:25.892Z"}, "title": "CVE Program Container", "references": [{"name": "8250", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8250"}, {"name": "47765", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/47765"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.simonroses.com/wp-content/uploads/2011/05/SRF-SA-2011-01.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-1840", "datePublished": "2011-05-13T17:00:00", "dateReserved": "2011-04-28T00:00:00", "dateUpdated": "2024-08-06T22:37:25.892Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:martinicreations:passmanlite_password_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "533BDDD8-72C3-458F-A40B-828EA6A798C4", "versionEndIncluding": "1.47", "vulnerable": true}, {"criteria": "cpe:2.3:a:martinicreations:passmanlite_password_manager:1.42:*:*:*:*:*:*:*", "matchCriteriaId": "A38F2428-4644-4A25-A4E8-E1DB866089B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:martinicreations:passmanlite_password_manager:1.43:*:*:*:*:*:*:*", "matchCriteriaId": "933ACEE6-A0BF-4956-9815-9C99B64200F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:martinicreations:passmanlite_password_manager:1.44:*:*:*:*:*:*:*", "matchCriteriaId": "BC47EFF8-CDF9-4550-ABB7-3A6D94C4E4C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:martinicreations:passmanlite_password_manager:1.45:*:*:*:*:*:*:*", "matchCriteriaId": "E847484F-B4E3-4C37-9E20-7713806F3564", "vulnerable": true}, {"criteria": "cpe:2.3:a:martinicreations:passmanlite_password_manager:1.46:*:*:*:*:*:*:*", "matchCriteriaId": "0C3A2819-F91D-4628-905C-536EEE568311", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access."}, {"lang": "es", "value": "La aplicaci\u00f3n MartiniCreations PassmanLite Password Manager antes de v1.48 para las tiendas de Android, almacena en texto plano la contrase\u00f1a maestra y otra informaci\u00f3n de la cuenta no especificada, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante el aprovechamiento de acceso shell."}], "id": "CVE-2011-1840", "lastModified": "2011-09-22T03:30:58.680", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-05-13T17:05:44.517", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/8250"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/47765"}, {"source": "cve@mitre.org", "url": "http://www.simonroses.com/wp-content/uploads/2011/05/SRF-SA-2011-01.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}