Lucene search

[email protected]CVE-2006-3675

HistoryJul 28, 2006 - 10:04 p.m.

CVE-2006-3675

2006-07-2822:04:00

[email protected]

web.nvd.nist.gov

cve-2006-3675

password safe

database locking

physical access

security vulnerability

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.6%

JSON

Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents.

Affected configurations

NVD

Node

counterpanepasswordsafeMatch2.11

counterpanepasswordsafeMatch2.16

counterpanepasswordsafeMatch3.0beta1

CPENameOperatorVersion
counterpane:passwordsafecounterpane passwordsafeeq2.11
counterpane:passwordsafecounterpane passwordsafeeq2.16
counterpane:passwordsafecounterpane passwordsafeeq3.0beta1

CPE	Name	Operator	Version
counterpane:passwordsafe	counterpane passwordsafe	eq	2.11
counterpane:passwordsafe	counterpane passwordsafe	eq	2.16
counterpane:passwordsafe	counterpane passwordsafe	eq	3.0beta1

References

securityreason.com/securityalert/1308

securitytracker.com/id?1016565

www.securityfocus.com/archive/1/441040/100/0/threaded

www.securityfocus.com/bid/19078

www.symantec.com/enterprise/research/SYMSA-2006-008.txt

exchange.xforce.ibmcloud.com/vulnerabilities/27933

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.6%

JSON

Related for CVE-2006-3675

nvd1 securityvulns1 cvelist1