| ID |
CVE-2005-4151
|
| Summary |
The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:pgp:desktop:8.0:*:home:*:*:*:*:*
cpe:2.3:a:pgp:desktop:8.0:*:home:*:*:*:*:*
-
cpe:2.3:a:pgp:desktop:9.0:*:professional:*:*:*:*:*
cpe:2.3:a:pgp:desktop:9.0:*:professional:*:*:*:*:*
-
cpe:2.3:a:pgp:desktop:*:*:professional:*:*:*:*:*
cpe:2.3:a:pgp:desktop:*:*:professional:*:*:*:*:*
|
| CVSS |
| Base: | 2.1 (as of 19-10-2018 - 15:40) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
| refmap
via4
|
| bid | 15784 | | bugtraq | - 20051209 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer
- 20051211 Status on PGP NTFS File Wipe issue, 11 Dec 2005
- 20051216 Update on the PGP NTFS File Wipe Issue, 16 Dec 2005
| | fulldisc | 20051208 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer | | misc | http://metasploit.com/research/vulns/pgp_slackspace/ | | osvdb | 21569 | | secunia | 17827 |
|
| Last major update |
19-10-2018 - 15:40 |
| Published |
10-12-2005 - 11:03 |
| Last modified |
19-10-2018 - 15:40 |
