Lucene search
HistoryJul 24, 2006 - 12:19 p.m.
CVE-2006-3785
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.6%
Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin.
Affected configurations
Node
symantecpcanywhereMatch12.5
Related
cve
cve
CVE-2006-3785
2006-07-24 12:19:00
CVE-2007-2619
2007-05-11 16:19:00
cvelist
cvelist
CVE-2006-3785
2006-07-21 21:00:00
CVE-2007-2619
2007-05-11 16:00:00
nvd
nvd
CVE-2007-2619
2007-05-11 16:19:00
prion
prion
Memory corruption
2007-05-11 16:19:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.6%
Related for NVD:CVE-2006-3785