Vulnerabilities > CVE-2006-4614 - Information Disclosure vulnerability in Pocket PC Pocket PC 1.30Bh

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

local

low complexity

pocket-pc

NVD

Published: 2006-09-07

Updated: 2018-10-17

Summary

PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT_USER\Software\PDAapps\VeriChat.

Vulnerable Configurations

Part	Description	Count
Application	Pocket_Pc Pocket PC Pocket PC 1.30Bh	1

References

http://airscanner.com/security/05081201_verichat.htm
http://securityreason.com/securityalert/1504
http://securitytracker.com/id?1016786
http://www.securityfocus.com/archive/1/445086/100/0/threaded