Vulnerability Description
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Deltathree | Pc-To-Phone | 3.0.3 |
References
- http://marc.info/?l=bugtraq&m=100403691432052&w=2
- http://www.securityfocus.com/bid/3475Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7393
- http://marc.info/?l=bugtraq&m=100403691432052&w=2
- http://www.securityfocus.com/bid/3475Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7393
FAQ
What is CVE-2001-0837?
CVE-2001-0837 is a vulnerability with a CVSS score of 2.1 (LOW). DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and...
How severe is CVE-2001-0837?
CVE-2001-0837 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0837?
Check the references section above for vendor advisories and patch information. Affected products include: Deltathree Pc-To-Phone.