CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-0889

MEDIUM
4.6
CVSS Severity Score
EPSS Score0.0120%
EPSS Percentile5.56th
Published2007年2月12日
Last Modified2026年4月23日

Vulnerability Description

Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.

Affected Platforms (CPE)

📦
Kiwi Enterprises

Kiwi Cattools

All versions

References & Advisories

🔗 http://osvdb.org/33163
🔗 http://secunia.com/advisories/24103
🔗 http://securityreason.com/securityalert/2236
🔗 http://www.securityfocus.com/archive/1/459500/100/0/threaded
🔗 http://osvdb.org/33163
🔗 http://secunia.com/advisories/24103
🔗 http://securityreason.com/securityalert/2236
🔗 http://www.securityfocus.com/archive/1/459500/100/0/threaded

相關漏洞威脅

CVE-2007-088810.0

Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary ...

CVE-2021-352306.7

As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gai...

CVE-2007-050410.0

Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute ar...

CVE-2007-097610.0

Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a lo...