VULHUB ™

PlatinumKey fails not properly restrict access to the desktop when SmartCard access control is enabled. Because of this, an attacker may be able to obtain potentially sensitive information. Update: Acer Travelmate C300 and 8100 running Platinum Secure are also reported affected by this issue. Furthermore, by using the extra 'Web' button on keyboards, attackers may also gain access to the underlying operating system even if the Control-Escape sequence does not work. UPDATE (February 15, 2008): Reports indicate that PlatinumKey 1.1.3a is not vulnerable to this issue.

PlatinumKey fails not properly restrict access to the desktop when SmartCard access control is enabled. Because of this, an attacker may be able to obtain potentially sensitive information. Update: Acer Travelmate C300 and 8100 running Platinum Secure are also reported affected by this issue. Furthermore, by using the extra 'Web' button on keyboards, attackers may also gain access to the underlying operating system even if the Control-Escape sequence does not work. UPDATE (February 15, 2008): Reports indicate that PlatinumKey 1.1.3a is not vulnerable to this issue.