Vulnerabilities > CVE-2006-3669 - Information Disclosure vulnerability in Mercury Messenger Users Directory
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Mercury Messenger, possibly 1.7.1.1 and other versions, when running on a multi-user Mac OS X platform, stores chat logs with world-readable permissions within the /Users directory, which allows local users to read the chat logs from other users. Successful exploitation requires that the environment is a multi-user Mac OS X platform.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |