CVE-2004-2555

Riverdeep FoolProof Security <3.9.x - Info Disclosure

Title source: llm

Description

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cyrillium Security · clocalwindows

https://www.exploit-db.com/exploits/24171

View Code ZIP pw:eip

References (5)

[Exploit] http://www.osvdb.org/6735

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16327

[Third Party Advisory] http://secunia.com/advisories/11790

[Exploit] http://www.securityfocus.com/bid/10467

[Exploit] http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0081.html

Scores

EPSS 0.0018

EPSS Percentile 38.8%

Details

Status published

Products (3)

smartstuff/foolproof_security 3.9

smartstuff/foolproof_security 3.9.4

smartstuff/foolproof_security 3.9.7

Published Dec 31, 2004

Tracked Since Feb 18, 2026