Vulnerability Details CVE-2013-6223
LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and password in a 1click file, which allows local users to obtain access by reading the file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.4%
CVSS Severity
CVSS v2 Score 2.1
References
- http://blog.curesec.com/article/blog/27.html
- http://forums.livezilla.net/index.php?/topic/163-livezilla-changelog/
- http://osvdb.org/100400
- http://seclists.org/fulldisclosure/2013/Nov/210
- http://blog.curesec.com/article/blog/27.html
- http://forums.livezilla.net/index.php?/topic/163-livezilla-changelog/
- http://osvdb.org/100400
- http://seclists.org/fulldisclosure/2013/Nov/210
Products affected by CVE-2013-6223
-
cpe:2.3:a:livezilla:livezilla:3.1.8.3
-
cpe:2.3:a:livezilla:livezilla:3.2.0.2
-
cpe:2.3:a:livezilla:livezilla:4.0.1.0
-
cpe:2.3:a:livezilla:livezilla:4.0.1.1
-
cpe:2.3:a:livezilla:livezilla:4.0.1.2
-
cpe:2.3:a:livezilla:livezilla:4.1.0.3
-
cpe:2.3:a:livezilla:livezilla:4.1.0.4
-
cpe:2.3:a:livezilla:livezilla:4.2.0.4
-
cpe:2.3:a:livezilla:livezilla:4.2.0.5
-
cpe:2.3:a:livezilla:livezilla:5.0.1.0
-
cpe:2.3:a:livezilla:livezilla:5.0.1.1
-
cpe:2.3:a:livezilla:livezilla:5.0.1.2
-
cpe:2.3:a:livezilla:livezilla:5.0.1.3
-
cpe:2.3:a:livezilla:livezilla:5.0.1.4
-
cpe:2.3:a:livezilla:livezilla:5.1.0.0