Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2003-1392

Published

20 years ago

Last Modified

6 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Share on Facebook
Share on LinkedIn
Share on Twitter

CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data..

CVSSv2.0 Score

Severity: Medium
Base Score: 6.6/10
Exploit Score: 3.9/10
Access Vector: Local
Access Complexity: Low
Authentication Required: None
Impact Score: 9.2/10
Confidentiality Impact: Complete
Availability Impact: None
Integrity Impact: Complete

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:research_triangle_software:cryptobuddy:1.2::::	Yes	-	-
cpe:2.3:a:research_triangle_software:cryptobuddy:1.0::::	Yes	-	-
cpe:2.3:o:microsoft:all_windows::::::::	Yes	-	-

References

http://www.securityfocus.com/archive/1/311176
http://www.securityfocus.com/bid/6812
https://exchange.xforce.ibmcloud.com/vulnerabilities/11317