CVE-2001-1006 : Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its pas

Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files using a different application.

Published 2001-08-31 04:00:00

Updated 2008-09-05 20:25:27

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2001-1006

Probability of exploitation activity in the next 30 days: 0.42%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 72 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2001-1006

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2001-1006

http://www.securityfocus.com/archive/1/210067

Patch;Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/3232

Vendor Advisory

Products affected by CVE-2001-1006

Starfish » Truesync Desktop » Version: 2.0b
cpe:2.3:a:starfish:truesync_desktop:2.0b:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2001-1006

Exploit prediction scoring system (EPSS) score for CVE-2001-1006

CVSS scores for CVE-2001-1006

References for CVE-2001-1006

Products affected by CVE-2001-1006