CVE-2002-2069

PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
References
Link Resource
http://www.ciac.org/ciac/bulletins/m-034.shtml Broken Link Vendor Advisory
http://www.iss.net/security_center/static/7953.php Broken Link
http://www.securityfocus.com/archive/1/251565 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/3912 Broken Link Third Party Advisory VDB Entry
http://www.seifried.org/security/advisories/kssa-003.html Broken Link Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pgp:personal_privacy:*:*:*:*:*:*:*:*
cpe:2.3:a:pgp:personal_privacy:*:*:*:*:*:*:*:*

History

08 Feb 2024, 20:33

Type Values Removed Values Added
First Time Pgp personal Privacy
CVSS v2 : 5.0
v3 : unknown
v2 : 5.0
v3 : 7.5
CPE cpe:2.3:a:pgp:pgp:6.5.3:*:*:*:*:*:*:*
cpe:2.3:a:pgp:pgp:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:pgp:pgp:6.5.8:*:*:*:*:*:*:*
cpe:2.3:a:pgp:pgp:6.5.1i:*:*:*:*:*:*:*
cpe:2.3:a:pgp:pgp:6.5.2a:*:*:*:*:*:*:*
cpe:2.3:a:pgp:pgp:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:pgp:pgp:7.0:*:*:*:*:*:*:*
cpe:2.3:a:pgp:personal_privacy:*:*:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-459
References (BUGTRAQ) http://www.securityfocus.com/archive/1/251565 - (BUGTRAQ) http://www.securityfocus.com/archive/1/251565 - Broken Link, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/3912 - (BID) http://www.securityfocus.com/bid/3912 - Broken Link, Third Party Advisory, VDB Entry
References (MISC) http://www.seifried.org/security/advisories/kssa-003.html - Vendor Advisory (MISC) http://www.seifried.org/security/advisories/kssa-003.html - Broken Link, Vendor Advisory
References (XF) http://www.iss.net/security_center/static/7953.php - (XF) http://www.iss.net/security_center/static/7953.php - Broken Link
References (CIAC) http://www.ciac.org/ciac/bulletins/m-034.shtml - Vendor Advisory (CIAC) http://www.ciac.org/ciac/bulletins/m-034.shtml - Broken Link, Vendor Advisory

Information

Published : 2002-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-2069

Mitre link : CVE-2002-2069

CVE.ORG link : CVE-2002-2069


JSON object : View

Products Affected

pgp

  • personal_privacy
CWE
CWE-459

Incomplete Cleanup