CVE-2006-7163 - DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master passwor

CVE-2006-7163

Summary

DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master password is set, which allows attackers with physical access to read the database contents via an unspecified authentication bypass. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References

http://www.securityfocus.com/bid/19983

Vulnerable Configurations

cpe:2.3:a:dreameesoft:password_master:1.0:*:*:*:*:*:*:*
cpe:2.3:a:dreameesoft:password_master:1.0:*:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 05-09-2008 - 21:16)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid

19983

Last major update

05-09-2008 - 21:16

Published

10-03-2007 - 00:19

Last modified

05-09-2008 - 21:16