Lucene search

[email protected]NVD:CVE-2008-7255

HistoryApr 20, 2010 - 4:30 p.m.

CVE-2008-7255

2010-04-2016:30:00

CWE-255

[email protected]

web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.6%

JSON

login_screen.tcl in aMSN (aka Alvaro’s Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation.

Affected configurations

NVD

Node

amsnamsnRange≤0.97

amsnamsnMatch0.83

amsnamsnMatch0.90

amsnamsnMatch0.91

amsnamsnMatch0.92

amsnamsnMatch0.93

amsnamsnMatch0.94

amsnamsnMatch0.95

amsnamsnMatch0.96

References

amsn.svn.sourceforge.net/viewvc/amsn/trunk/amsn/login_screen.tcl?r1=9960&r2=10259&pathrev=10259

sourceforge.net/project/shownotes.php?release_id=610067

www.amsn-project.net/forums/index.php?topic=5317.0

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2008-7255

prion1 openvas2 cvelist1 cve1 ubuntucve1