CVE-2001-1006

Published Aug 31, 2001

Last updated 16 years ago

Overview

Description: Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files using a different application.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:starfish:truesync_desktop:2.0b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F45F9C53-6D90-431B-B8C2-D55E2C09DDA9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References