The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| inlook | inlook | 0.6.0 |
| inlook | inlook | 0.6.2 |
| inlook | inlook | 0.6.9 |
| inlook | inlook | 0.6.11 |
| inlook | inlook | 0.7.0 |
| inlook | inlook | 0.6.3 |
| inlook | inlook | 0.6.13 |
| inlook | inlook | 0.6.8 |
| inlook | inlook | 0.6.1 |
| inlook | inlook | 0.6.10.0 |
| inlook | inlook | 0.7.2 |
| inlook | inlook | 0.7.3 |
| inlook | inlook | 0.6.4 |
| inlook | inlook | 0.6.5 |
| inlook | inlook | 0.6.7 |
| inlook | inlook | 0.7.1 |
| inlook | inlook | 0.6.6 |
| inlook | inlook | 0.6.12 |
| inlook | inlook | 0.6.14 |