CVE-2003-0406

critical

Description

PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges.

References

http://www.securityfocus.com/bid/7696

http://www.iss.net/security_center/static/12083.php

http://marc.info/?l=bugtraq&m=105405691423389&w=2

Details

Source: Mitre, NVD

Published: 2003-06-30

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00056