Lucene search

[email protected]CVE-2006-6286

HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6286

2006-12-0411:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6286

palm desktop

weak permissions

information security

vulnerability

nvd

1.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

palmpalm_desktopRange≤4.1.4

palmpalm_desktopMatch4.0b76

palmpalm_desktopMatch4.0b77

CPENameOperatorVersion
palm:palm_desktoppalm palm desktople4.1.4
palm:palm_desktoppalm palm desktopeq4.0b76
palm:palm_desktoppalm palm desktopeq4.0b77

CPE	Name	Operator	Version
palm:palm_desktop	palm palm desktop	le	4.1.4
palm:palm_desktop	palm palm desktop	eq	4.0b76
palm:palm_desktop	palm palm desktop	eq	4.0b77

References

secunia.com/advisories/23072

www.securityfocus.com/bid/21382/info

www.vupen.com/english/advisories/2006/4803

exchange.xforce.ibmcloud.com/vulnerabilities/30657

1.7 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2006-6286

cvelist1 nvd1