Counterpane Password Safe Data Buffer Recovery Vulnerability

Counterpane Password Safe is a freely available password storage program designed to securely store usernames and passwords, assessable by one master password, or "combination" to the safe.

A problem in Password Safe makes it possible for local users to gain access to clear text usernames, and potentially passwords. When the program option to clear passwords from the clipboard is enabled, Windows will copy the contents of the clipboard to a buffer prior to minimizing the program.

This makes it possible for a local user to gain access to usernames, and potentially passwords.


Privacy Statement
Copyright 2010, SecurityFocus