Vulnerabilities > CVE-2006-4745 - Unspecified vulnerability in Scarybear Pocketexpense PRO 3.9.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://airscanner.com/security/06062602_pocketexpensepro.htm
- http://airscanner.com/security/06062602_pocketexpensepro.htm
- http://securityreason.com/securityalert/1559
- http://securityreason.com/securityalert/1559
- http://www.securityfocus.com/archive/1/445607/100/0/threaded
- http://www.securityfocus.com/archive/1/445607/100/0/threaded