Vulnerability Description
Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lexar | Jumpdrive Secure | All versions |
References
- http://secunia.com/advisories/12522Vendor Advisory
- http://www.atstake.com/research/advisories/2004/a091304-1.txtVendor Advisory
- http://www.securityfocus.com/bid/11162Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17342
- http://secunia.com/advisories/12522Vendor Advisory
- http://www.atstake.com/research/advisories/2004/a091304-1.txtVendor Advisory
- http://www.securityfocus.com/bid/11162Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17342
FAQ
What is CVE-2004-0838?
CVE-2004-0838 is a vulnerability with a CVSS score of 2.1 (LOW). Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password ...
How severe is CVE-2004-0838?
CVE-2004-0838 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0838?
Check the references section above for vendor advisories and patch information. Affected products include: Lexar Jumpdrive Secure.