CVE-2002-0788

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pgp:corporate_desktop:7.1:*:*:*:*:*:*:*
cpe:2.3:a:pgp:freeware:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pgp:personal_security:7.0.3:*:*:*:*:*:*:*

History

20 Nov 2024, 23:39

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html - Broken Link, Patch, Vendor Advisory () http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html - Broken Link, Patch, Vendor Advisory
References () http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt - Third Party Advisory () http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt - Third Party Advisory
References () http://www.iss.net/security_center/static/9044.php - Broken Link, Patch, Vendor Advisory () http://www.iss.net/security_center/static/9044.php - Broken Link, Patch, Vendor Advisory
References () http://www.osvdb.org/4363 - Broken Link () http://www.osvdb.org/4363 - Broken Link
References () http://www.securityfocus.com/bid/4702 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory () http://www.securityfocus.com/bid/4702 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory

08 Feb 2024, 20:13

Type Values Removed Values Added
References (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html - Patch, Vendor Advisory (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html - Broken Link, Patch, Vendor Advisory
References (XF) http://www.iss.net/security_center/static/9044.php - Patch, Vendor Advisory (XF) http://www.iss.net/security_center/static/9044.php - Broken Link, Patch, Vendor Advisory
References (CONFIRM) http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt - (CONFIRM) http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt - Third Party Advisory
References (OSVDB) http://www.osvdb.org/4363 - (OSVDB) http://www.osvdb.org/4363 - Broken Link
References (BID) http://www.securityfocus.com/bid/4702 - Patch, Vendor Advisory (BID) http://www.securityfocus.com/bid/4702 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
CVSS v2 : 2.1
v3 : unknown
v2 : 2.1
v3 : 5.5
CWE NVD-CWE-Other CWE-459

Information

Published : 2002-08-12 04:00

Updated : 2024-11-20 23:39


NVD link : CVE-2002-0788

Mitre link : CVE-2002-0788

CVE.ORG link : CVE-2002-0788


JSON object : View

Products Affected

pgp

  • freeware
  • personal_security
  • corporate_desktop
CWE
CWE-459

Incomplete Cleanup