EUVD-2006-4602

Malware in sbrugna...

Verichat本地用户名口令泄露漏洞

Verichat是一款即时消息软件，允许用户同时连接到多个即时消息帐号。 Verichat对用户名和口令的存储操作上存在漏洞，本地攻击者可能利用此漏洞轻易获取这些认证信息。 Verichat没有使用任何安全措施或加密保护即时消息帐号的用户名和口令，默认情况下以明文存储到了\HKEYCURRENTUSER\Software\PDAapps\VeriChat，这样攻击者就可以通过第三方软件获取这些信息。 PDAapps Verichat v1.30bh 我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

CVE-2006-4614

PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEYCURRENTUSER\Software\PDAapps\VeriChat...

CVE-2006-4614

PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry under HKEY_CURRENT_USER\Software\PDAapps\VeriChat. This enables local users to obtain sensitive credentials from the registry, representing a local-attack exposure with plaintext crede...

CVE-2006-4614

PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEYCURRENTUSER\Software\PDAapps\VeriChat...