Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2001-0984

Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password database on minimize and prompt on restore" options enabled, which could allow an attacker with access to the memory (e.g. an administrator) to read the passwords.

Published

2001-09-13T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

3.9

Impact Score

6.4

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	counterpane	password_safe	1.7.1	Yes

References

http://www.securityfocus.com/archive/1/213931 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/3337 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/7123 ([email protected])
http://www.securityfocus.com/archive/1/213931 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/3337 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7123 (af854a3a-2127-422b-91ae-364da2661108)