Clipboard Access Vulnerability in Novell Client for Windows
CVE-2006-2612

Currently unrated

Key Information:

Vendor: Novell
Status: Client
Vendor: CVE Published:; 26 May 2006

Summary

The Novell Client for Windows versions 4.8 and 4.9 contains a vulnerability that allows anyone with physical access to a locked machine to view the contents of the clipboard. When the machine is locked, an attacker can paste clipboard data into the 'User Name' field on the login prompt, revealing sensitive information such as usernames and passwords. This vulnerability highlights a significant security oversight in handling clipboard data during session locks. It is crucial for users to be aware of this risk and take preventive measures to safeguard sensitive information.

References

http://secunia.com/advisories/20194

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/434704/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/25760

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
May 26, 2006
Vulnerability Reserved
May 25, 2006