The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials.Referenceshttp://www.osvdb.org/3771http://secunia.com/advisories/10752/https://sourceforge.net/project/shownotes.php?release_id=213427https://exchange.xforce.ibmcloud.com/vulnerabilities/14990http://www.securityfocus.com/bid/9527
