CVE-2007-1191

Опубликовано: 02 мар. 2007

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plaintext to the /Library/Logs/Console/UID/Console.log file, which allows local users to obtain sensitive information by reading this file.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052722.html
Vendor Advisory
http://osvdb.org/34486
http://securityreason.com/securityalert/2368
http://www.securityfocus.com/bid/22752
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32721
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052722.html
Vendor Advisory
http://osvdb.org/34486
http://securityreason.com/securityalert/2368
http://www.securityfocus.com/bid/22752
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32721

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:quicksilver:del.icio.us_module:8f:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00078

Низкий

2.1 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hff4-vp6j-mc6m

github

почти 4 года назад