CVE-2002-1848

Description

TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control of the WinVNC Properties dialog, which could allow local users to access passwords.

Affected products

• tightvnc / tightvnc1.2 – 1.2
• tightvnc / tightvnc1.2.1 – 1.2.1
• tightvnc / tightvnc1.2.2 – 1.2.2
• tightvnc / tightvnc1.2.3 – 1.2.3

References

• MISChttp://www.tightvnc.com/changelog-win32.html
• MISChttp://www.securityfocus.com/bid/4835