Lucene search

[email protected]CVE-2004-2454

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2454

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

amsn

windows

information security

hotlog.htm

config.xml

sensitive information

cve-2004-2454

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml.

CPENameOperatorVersion
amsn:amsnamsneq0.90

CPE	Name	Operator	Version
amsn:amsn	amsn	eq	0.90

References

securitytracker.com/id?1010555

sourceforge.net/tracker/index.php?func=detail&aid=976450&group_id=54091&atid=472655

www.osvdb.org/8123

exchange.xforce.ibmcloud.com/vulnerabilities/16479

6.5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON