CVE-2005-4412 — LOW (2.1) — White Hats Nepal

Q: How severe is CVE-2005-4412?

CVE-2005-4412 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2005-4412?

Check the references section above for vendor advisories and patch information. Affected products include: Citrix Program Neighborhood Client.

Vulnerability Description

Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Citrix	Program Neighborhood Client	<= 9.1

References

http://securitytracker.com/id?1015372Exploit
http://support.citrix.com/article/CTX108108ExploitVendor Advisory
http://securitytracker.com/id?1015372Exploit
http://support.citrix.com/article/CTX108108ExploitVendor Advisory

FAQ

What is CVE-2005-4412?

CVE-2005-4412 is a vulnerability with a CVSS score of 2.1 (LOW). Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the ...

How severe is CVE-2005-4412?

CVE-2005-4412 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-4412?

Check the references section above for vendor advisories and patch information. Affected products include: Citrix Program Neighborhood Client.