Vulnerability Details CVE-2004-2337
The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.4%
CVSS Severity
CVSS v2 Score 2.1
References
- http://secunia.com/advisories/10752/
- http://www.osvdb.org/3771
- http://www.securityfocus.com/bid/9527
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14990
- https://sourceforge.net/project/shownotes.php?release_id=213427
- http://secunia.com/advisories/10752/
- http://www.osvdb.org/3771
- http://www.securityfocus.com/bid/9527
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14990
- https://sourceforge.net/project/shownotes.php?release_id=213427
Products affected by CVE-2004-2337
-
cpe:2.3:a:inlook:inlook:0.6.0
-
cpe:2.3:a:inlook:inlook:0.6.1
-
cpe:2.3:a:inlook:inlook:0.6.10.0
-
cpe:2.3:a:inlook:inlook:0.6.11
-
cpe:2.3:a:inlook:inlook:0.6.12
-
cpe:2.3:a:inlook:inlook:0.6.13
-
cpe:2.3:a:inlook:inlook:0.6.14
-
cpe:2.3:a:inlook:inlook:0.6.2
-
cpe:2.3:a:inlook:inlook:0.6.3
-
cpe:2.3:a:inlook:inlook:0.6.4
-
cpe:2.3:a:inlook:inlook:0.6.5
-
cpe:2.3:a:inlook:inlook:0.6.6
-
cpe:2.3:a:inlook:inlook:0.6.7
-
cpe:2.3:a:inlook:inlook:0.6.8
-
cpe:2.3:a:inlook:inlook:0.6.9
-
cpe:2.3:a:inlook:inlook:0.7.0
-
cpe:2.3:a:inlook:inlook:0.7.1
-
cpe:2.3:a:inlook:inlook:0.7.2
-
cpe:2.3:a:inlook:inlook:0.7.3