CVE-2006-4745
Summary
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
- LOW
- LOCAL
- NONE
- PARTIAL
- PARTIAL
- NONE
References
Advisory Timeline
- Published