PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
References
Link | Resource |
---|---|
http://www.ciac.org/ciac/bulletins/m-034.shtml | Broken Link Vendor Advisory |
http://www.iss.net/security_center/static/7953.php | Broken Link |
http://www.securityfocus.com/archive/1/251565 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/3912 | Broken Link Third Party Advisory VDB Entry |
http://www.seifried.org/security/advisories/kssa-003.html | Broken Link Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Feb 2024, 20:33
Type | Values Removed | Values Added |
---|---|---|
First Time |
Pgp personal Privacy
|
|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:pgp:pgp:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:pgp:pgp:6.5.8:*:*:*:*:*:*:* cpe:2.3:a:pgp:pgp:6.5.1i:*:*:*:*:*:*:* cpe:2.3:a:pgp:pgp:6.5.2a:*:*:*:*:*:*:* cpe:2.3:a:pgp:pgp:6.5.1:*:*:*:*:*:*:* cpe:2.3:a:pgp:pgp:7.0:*:*:*:*:*:*:* |
cpe:2.3:a:pgp:personal_privacy:*:*:*:*:*:*:*:* |
CWE | CWE-459 | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/251565 - Broken Link, Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/3912 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MISC) http://www.seifried.org/security/advisories/kssa-003.html - Broken Link, Vendor Advisory | |
References | (XF) http://www.iss.net/security_center/static/7953.php - Broken Link | |
References | (CIAC) http://www.ciac.org/ciac/bulletins/m-034.shtml - Broken Link, Vendor Advisory |
Information
Published : 2002-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-2069
Mitre link : CVE-2002-2069
CVE.ORG link : CVE-2002-2069
JSON object : View
Products Affected
pgp
- personal_privacy
CWE
CWE-459
Incomplete Cleanup