Vulnerabilities > CVE-2002-1848 - Unspecified vulnerability in Tightvnc

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

tightvnc

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords.

Vulnerable Configurations

Part	Description	Count
Application	Tightvnc Tightvnc Tightvnc 1.2 Tightvnc Tightvnc 1.2.1 Tightvnc Tightvnc 1.2.2 Tightvnc Tightvnc 1.2.3	4

References

http://www.securityfocus.com/bid/4835
http://www.tightvnc.com/changelog-win32.html