GNotebook Local Information Disclosure Vulnerability
BID:21307
Info
GNotebook Local Information Disclosure Vulnerability
| Bugtraq ID: | 21307 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 27 2006 12:00AM |
| Updated: | Nov 29 2006 05:14PM |
| Credit: | Richard Reed <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: |
GNotebook GNotebook 0.7 .1 |
| Not Vulnerable: | |
Discussion
GNotebook Local Information Disclosure Vulnerability
Gnotebook is prone to a local information-disclosure vulnerability.
A local attacker can exploit this issue to access the Gmail account password information of a user who is already logged in to a Gmail account via the affected application.
Version 0.7.0.1 is vulnerable to this issue; other versions may also be affected.
Gnotebook is prone to a local information-disclosure vulnerability.
A local attacker can exploit this issue to access the Gmail account password information of a user who is already logged in to a Gmail account via the affected application.
Version 0.7.0.1 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
GNotebook Local Information Disclosure Vulnerability
An attacker requires local interactive access to exploit this issue.
An attacker requires local interactive access to exploit this issue.
Solution / Fix
GNotebook Local Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].