Vulnerabilities > CVE-2006-4745 - Local Security vulnerability in Scarybear Pocketexpense PRO 3.9.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |