CVE-2005-1424

StumbleInside GoText 1.01 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1424. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads sensitive user information (name, email, phone number) from a local GoText configuration file by leveraging insecure file permissions. It queries the Windows registry for the Program Files directory and then parses the GoText.bin file for stored credentials.

Description

StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kozan · clocalwindows

https://www.exploit-db.com/exploits/963

View Code ZIP pw:eip

This exploit reads sensitive user information (name, email, phone number) from a local GoText configuration file by leveraging insecure file permissions. It queries the Windows registry for the Program Files directory and then parses the GoText.bin file for stored credentials.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: GoText 1.01

No auth needed

Prerequisites: Local access to the system · GoText 1.01 installed with default configuration

MITRE ATT&CK

T1005 - Data from Local System T1012 - Query Registry

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013825

Vendor Advisory vdb-entry x_refsource_osvdb

http://www.osvdb.org/14686

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/13443

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/20315

Scores

EPSS 0.0085

EPSS Percentile 53.4%

Details

Status published

Products (1)

stumbleinside/gotext 1.01

Published May 03, 2005

Tracked Since Feb 18, 2026