Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2612

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-2612
Last Modified 05 Sep 2008 05:05:00
Published 25 May 2006 09:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2612

Summary

Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt.

Vulnerable Systems

Application

  • Novell Client 4.8

  • Novell Client 4.9


References

BUGTRAQ - 20060522 Re: Novell Client login form enables reading and writing from and to the clipboard of the logged-in user

BUGTRAQ - 20060521 Novell Client login form enables reading and writing from and to the clipboard of the logged-in user

SECUNIA - 20194

XF - novell-client-clipboard-leak(26595)

OSVDB - 25760

SREASON - 961


Last Updated: 27 May 2016 10:42:40