Lucene search

[email protected]CVE-2002-1848

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1848

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

tightvnc

1.2.4

windows

unencrypted passwords

local users

access

nvd

7.3 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords.

CPENameOperatorVersion
tightvnc:tightvnctightvnceq1.2.1
tightvnc:tightvnctightvnceq1.2
tightvnc:tightvnctightvnceq1.2.3
tightvnc:tightvnctightvnceq1.2.2

CPE	Name	Operator	Version
tightvnc:tightvnc	tightvnc	eq	1.2.1
tightvnc:tightvnc	tightvnc	eq	1.2
tightvnc:tightvnc	tightvnc	eq	1.2.3
tightvnc:tightvnc	tightvnc	eq	1.2.2

References

www.securityfocus.com/bid/4835

www.tightvnc.com/changelog-win32.html

7.3 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2002-1848

cvelist1