VULHUB ™

FlashGet stores dialup credentials in a user-accessible registry key. The username will be stored in plaintext and the password will be hex-encoded. As a result, malicious local users may obtain these credentials. This presents a security risk if dialup accounts are not shared between users on the system. This issue was reported in FlashGet 0.9 through 1.2. Other versions may also be affected.

FlashGet stores dialup credentials in a user-accessible registry key. The username will be stored in plaintext and the password will be hex-encoded. As a result, malicious local users may obtain these credentials. This presents a security risk if dialup accounts are not shared between users on the system. This issue was reported in FlashGet 0.9 through 1.2. Other versions may also be affected.