Lucene search

[email protected]NVD:CVE-2004-2555

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2555

2004-12-3105:00:00

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.

Affected configurations

NVD

Node

smartstufffoolproof_securityMatch3.9

smartstufffoolproof_securityMatch3.9.4

smartstufffoolproof_securityMatch3.9.7

References

archives.neohapsis.com/archives/fulldisclosure/2004-06/0081.html

secunia.com/advisories/11790

www.osvdb.org/6735

www.securityfocus.com/bid/10467

exchange.xforce.ibmcloud.com/vulnerabilities/16327

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2004-2555

cvelist1 cve1