Vulnerabilities > CVE-2002-2162 - Unspecified vulnerability in Cerulean Studios Trillian 0.6351/0.725/0.73

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
cerulean-studios
exploit available

Summary

Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.

Exploit-Db

descriptionTrillian Instant Messaging 0.x Credential Encryption Weakness. CVE-2002-2162. Local exploit for windows platform
idEDB-ID:21781
last seen2016-02-02
modified2002-09-09
published2002-09-09
reporterCoeus Group
sourcehttps://www.exploit-db.com/download/21781/
titleTrillian Instant Messaging 0.x Credential Encryption Weakness