CVE-2002-2162
First published: Tue Dec 31 2002(Updated: )
Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cerulean Studios Trillian | =0.6351 | |
| Cerulean Studios Trillian | =0.73 | |
| Cerulean Studios Trillian | =0.725 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-2162?
CVE-2002-2162 is considered a medium severity vulnerability due to the potential exposure of user passwords.
How do I fix CVE-2002-2162?
To fix CVE-2002-2162, upgrade to a later version of Trillian that does not use weak encryption for password storage.
Who is affected by CVE-2002-2162?
Users of Cerulean Studios Trillian versions 0.73 and earlier are affected by CVE-2002-2162.
What type of vulnerability is CVE-2002-2162?
CVE-2002-2162 is a local security vulnerability related to weak encryption methods used for password storage.
Can CVE-2002-2162 be exploited remotely?
No, CVE-2002-2162 can only be exploited by local users with access to the affected machine.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/cerulean studios
- canonical/cerulean studios trillian
- version/cerulean studios trillian/0.6351
- version/cerulean studios trillian/0.73
- version/cerulean studios trillian/0.725