← Back

CVE-2010-0119

nvd nist
Published: Feb 25, 2010Modified: Apr 29, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."

Affected (14)

Becauseinter
1 product
Bournal
Configuration A
14 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Becauseinter
Bournal
Up to 1.4
Bournal
Version 0.1
Bournal
Version 0.2
Bournal
Version 0.3
Bournal
Version 0.4.5
Bournal
Version 0.4
Bournal
Version 0.6
Bournal
Version 0.7
Bournal
Version 0.8
Bournal
Version 0.9
Bournal
Version 1.0
Bournal
Version 1.1
Bournal
Version 1.2
Bournal
Version 1.3
Running on/withPlatform Versions
Freebsd
Freebsd
Version 8.0

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (16)

Source: PSIRT-CNA@flexerasoftware.com
Source: PSIRT-CNA@flexerasoftware.com
Source: PSIRT-CNA@flexerasoftware.com
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
Source: PSIRT-CNA@flexerasoftware.com
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
Source: PSIRT-CNA@flexerasoftware.com
Source: PSIRT-CNA@flexerasoftware.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.