CVE-2008-7255

login_screen.tcl in aMSN (aka Alvaro's Messenger) before 0.97.1 saves a password after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
amsnamsn
𝑥
≤ 0.97
amsnamsn
0.83
amsnamsn
0.90
amsnamsn
0.91
amsnamsn
0.92
amsnamsn
0.93
amsnamsn
0.94
amsnamsn
0.95
amsnamsn
0.96
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
amsn
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://amsn.svn.sourceforge.net/viewvc/amsn/trunk/amsn/login_screen.tcl?r1=9960&r2=10259&pathrev=10259
http://sourceforge.net/project/shownotes.php?release_id=610067
http://www.amsn-project.net/forums/index.php?topic=5317.0
http://amsn.svn.sourceforge.net/viewvc/amsn/trunk/amsn/login_screen.tcl?r1=9960&r2=10259&pathrev=10259
http://sourceforge.net/project/shownotes.php?release_id=610067
http://www.amsn-project.net/forums/index.php?topic=5317.0