Weak Encryption of User Passwords in Trillian 0.73 and Earlier Allows Local Account Access

Weak Encryption of User Passwords in Trillian 0.73 and Earlier Allows Local Account Access

CVE-2002-2162 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.

Learn more about our Cis Benchmark Audit For Apple Ios.