vendor:
Peer2Mail
by:
ATmaCA
5.5
CVSS
MEDIUM
Privilege Escalation
264
CWE
Product Name: Peer2Mail
Affected Version From: 1.4
Affected Version To: 1.4
Patch Exists: NO
Related CWE:
CPE: a:peer2mail:peer2mail:1.4
Platforms Tested: Windows XP SP2
2002-2005
Peer2Mail Encrypt PassDumper Exploit
This exploit allows an attacker to dump passwords encrypted by Peer2Mail 1.4 and prior versions. The exploit targets the 'p2m.exe' process and retrieves the password. It was discovered and coded by ATmaCA in 2002-2005.
Mitigation:
Update to a patched version of Peer2Mail that addresses this vulnerability.
