Vulnerabilities > CVE-2003-0406 - Unspecified vulnerability in Palmvnc 1.40

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

palmvnc

NVD

Published: 2003-06-30

Updated: 2016-10-18

Summary

PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Palmvnc Palmvnc Palmvnc 1.40	1

References

http://marc.info/?l=bugtraq&m=105405691423389&w=2
http://www.iss.net/security_center/static/12083.php
http://www.securityfocus.com/bid/7696