Lucene search

[email protected]CVE-2007-2883

HistoryMay 30, 2007 - 1:30 a.m.

CVE-2007-2883

2007-05-3001:30:00

[email protected]

web.nvd.nist.gov

credant

mobile guardian

vulnerability

plaintext storage

account names

passwords

memory

privilege boundaries

data protection

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.3%

JSON

Credant Mobile Guardian Shield for Windows 5.2.1.105 and earlier stores account names and passwords in plaintext in memory, which allows local users to obtain sensitive information by (1) reading the paging file or (2) dumping and searching the memory image. NOTE: This issue crosses privilege boundaries because the product is intended to protect the data on a stolen computer.

Affected configurations

NVD

Node

credantcredant_mobile_guardian_shield_-_windowsRange≤5.2.1.105

CPENameOperatorVersion
credant:credant_mobile_guardian_shield_-_windowscredant credant mobile guardian shield - windowsle5.2.1.105

CPE	Name	Operator	Version
credant:credant_mobile_guardian_shield_-_windows	credant credant mobile guardian shield - windows	le	5.2.1.105

References

osvdb.org/36524

secunia.com/advisories/25410

securityreason.com/securityalert/2753

www.kb.cert.org/vuls/id/821865

www.securityfocus.com/archive/1/469486/100/0/threaded

www.securityfocus.com/bid/24139

exchange.xforce.ibmcloud.com/vulnerabilities/34487

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

5.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2007-2883

prion1 cert1 nvd1 cvelist1