Lucene search
HistoryJul 24, 2006 - 12:19 p.m.
CVE-2006-3785
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
9.5%
Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin.
Affected configurations
Node
symantecpcanywhereMatch12.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | pcanywhere | 12.5 | cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2006-3785
2006-07-24 12:19:00
CVE-2007-2619
2007-05-11 16:19:00
cvelist
cvelist
CVE-2006-3785
2006-07-21 21:00:00
CVE-2007-2619
2007-05-11 16:00:00
prion
prion
Memory corruption
2007-05-11 16:19:00
nvd
nvd
CVE-2007-2619
2007-05-11 16:19:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0
Percentile
9.5%
Related for NVD:CVE-2006-3785