CVE-2007-5460
Microsoft ActiveSync 4.1 (used with Windows Mobile 5.0) contains a cryptographic weakness: PIN/Password is sent over USB using XOR obfuscation with a fixed key, enabling potential recovery of credentials if the host network is sniffed or the USB docking process is spoofed. Affected component/proc...