Vulnerability Description
Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Smartstuff | Foolproof Security | 3.9 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0081.htmlExploit
- http://secunia.com/advisories/11790
- http://www.osvdb.org/6735Exploit
- http://www.securityfocus.com/bid/10467Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16327
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0081.htmlExploit
- http://secunia.com/advisories/11790
- http://www.osvdb.org/6735Exploit
- http://www.securityfocus.com/bid/10467Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16327
FAQ
What is CVE-2004-2555?
CVE-2004-2555 is a vulnerability with a CVSS score of 2.1 (LOW). Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local ...
How severe is CVE-2004-2555?
CVE-2004-2555 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2555?
Check the references section above for vendor advisories and patch information. Affected products include: Smartstuff Foolproof Security.