4 matches found
CVE-2003-1392
CryptoBuddy 1.0 and 1.2 are affected by a cryptographic weakness: the application does not use the user-supplied passphrase to encrypt data, potentially allowing local users to decrypt data with their own passphrase. The underlying cause is improper use of the passphrase in encryption, leading to...
CVE-2003-1390
CVE-2003-1390 affects RTS CryptoBuddy 1.2 and earlier. The root cause is that bytes 53–55 of a 55‑byte passphrase are stored in plaintext, enabling local users to infer part of the passphrase. The documents do not specify exploitation status or a remediation/patch. No explicit details on affected...
CVE-2003-1389
The vulnerability concerns RTS CryptoBuddy 1.2 and earlier. It truncates long passphrases without warning, which may enable more effective brute‑force guessing attacks by reducing input length visibility. Impact is described as potentially facilitating such attacks with partial confidentiality ex...
CVE-2003-1391
The provided data identifies CVE-2003-1391 affecting RTS CryptoBuddy 1.0 and 1.2, where a weak encryption algorithm for the passphrase and generation of predictable keys are cited as the underlying flaws, making passphrase guesses easier. The CVSS metrics indicate a high-severity, network-attack ...