4.0B77

CVSS 1.7 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

palm

NVD

Published: 2006-12-04

Updated: 2017-07-29

Summary

Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Palm Palm Palm Desktop 4.0B76 Palm Palm Desktop 4.0B77 Palm Palm Desktop *	3

References

http://secunia.com/advisories/23072
http://www.securityfocus.com/bid/21382/info
http://www.vupen.com/english/advisories/2006/4803
https://exchange.xforce.ibmcloud.com/vulnerabilities/30657