Description
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by E. van Elk · textlocalwindows
https://www.exploit-db.com/exploits/21091
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.eve-software.com/security/ueditpw.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=99861651923668&w=2
Scores
EPSS
0.0020
EPSS Percentile
42.0%
Details
Status
published
Products (1)
ultraedit/ultraedit-32
Published
Aug 31, 2001
Tracked Since
Feb 18, 2026