Lucene search
HistoryFeb 12, 2007 - 11:28 p.m.
CVE-2007-0889
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Kiwi CatTools before 3.2.0 beta uses weak encryption (“reversible encoding”) for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.
Affected configurations
Node
kiwi_enterpriseskiwi_cattools
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kiwi_enterprises | kiwi_cattools | * | cpe:2.3:a:kiwi_enterprises:kiwi_cattools:*:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2007-02-12 23:28:00
cve
cve
CVE-2007-0889
2007-02-12 23:28:00
cvelist
cvelist
CVE-2007-0889
2007-02-12 23:00:00
securityvulns
securityvulns
Kiwi CatTools TFTO directory traversal
2007-02-27 00:00:00
kaspersky
kaspersky
KLA10239 Multiple vulnerabilities in KIWI CatTools
2007-02-12 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2007-0889