Vulnerability Description
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local administrators to obtain sensitive information by reading and decrypting the QualityControl\_pack registry value.
CVSS Score
4.4
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Newsoftwares | Folder Lock | <= 5.9.5 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31559Broken LinkVendor Advisory
- http://securityreason.com/securityalert/4183Broken Link
- http://www.securityfocus.com/archive/1/495612/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/30771Broken LinkThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44575Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/31559Broken LinkVendor Advisory
- http://securityreason.com/securityalert/4183Broken Link
- http://www.securityfocus.com/archive/1/495612/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/30771Broken LinkThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44575Third Party AdvisoryVDB Entry
FAQ
What is CVE-2008-3775?
CVE-2008-3775 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local administrators to obtain sensitive information by reading and decrypting the QualityControl\_pack regis...
How severe is CVE-2008-3775?
CVE-2008-3775 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3775?
Check the references section above for vendor advisories and patch information. Affected products include: Newsoftwares Folder Lock.