CVE-2004-2555 Information

Description

Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password which allows local users to calculate the Administrator password if they know the Control password and password recovery key.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0081.html http://secunia.com/advisories/11790 http://www.osvdb.org/6735 http://www.securityfocus.com/bid/10467 https://exchange.xforce.ibmcloud.com/vulnerabilities/16327