Back to search
CVE-2006-4745
Published: Sep 13, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://airscanner.com/security/06062602_pocketexpensepro.htm
x_refsource_MISC
1559
third-party-advisory
x_refsource_SREASON
20060907 Airscanner Mobile Security Advisory #06260602: Pocket Expense Pro 3.9.1 Authentication Bypass
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now