CVE-2008-0580

{"id": "CVE-2008-0580", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-02-05T03:00:00.000", "references": [{"url": "http://securityreason.com/securityalert/3611", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/487269/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/27500", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering."}, {"lang": "es", "value": "Geert Moernaut LSrunasE y Supercrypt usan una clave de encriptaci\u00f3n compuesta por un hash SHA1 de una cadena fija embebida en el archivo ejecutable, lo que facilita que los usuarios locales puedan obtener esta clave sin ingenier\u00eda inversa."}], "lastModified": "2018-10-15T22:01:19.147", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:geert_moernaut:lsrunase:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC997E02-5B99-4195-83BA-505903D6145A"}, {"criteria": "cpe:2.3:a:geert_moernaut:supercrypt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8520B808-FC38-4659-BB93-D3764DF901C1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}