Vulnerabilities > CVE-2004-2555 - Unspecified vulnerability in Smartstuff Foolproof Security 3.9/3.9.4/3.9.7
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Exploit-Db
description | SmartStuff FoolProof Security Program 3.9.x Administrative Password Recovery Vulnerability. CVE-2004-2555. Local exploit for windows platform |
id | EDB-ID:24171 |
last seen | 2016-02-02 |
modified | 2004-06-05 |
published | 2004-06-05 |
reporter | Cyrillium Security |
source | https://www.exploit-db.com/download/24171/ |
title | SmartStuff FoolProof Security Program 3.9.x Administrative Password Recovery Vulnerability |