CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4745

ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.2%

CVSS Severity

CVSS v2 Score 3.6

References

http://airscanner.com/security/06062602_pocketexpensepro.htm
http://securityreason.com/securityalert/1559
http://www.securityfocus.com/archive/1/445607/100/0/threaded
http://airscanner.com/security/06062602_pocketexpensepro.htm
http://securityreason.com/securityalert/1559
http://www.securityfocus.com/archive/1/445607/100/0/threaded

Products affected by CVE-2006-4745

Scarybear » Pocketexpense Pro » Version: 3.9.1

cpe:2.3:a:scarybear:pocketexpense_pro:3.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4745

Products

Pricing

Contact Us