Lucene search

[email protected]NVD:CVE-2005-4151

HistoryDec 10, 2005 - 11:03 a.m.

CVE-2005-4151

2005-12-1011:03:00

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk.

Affected configurations

Nvd

Node

pgpdesktopRange≤9.0.3_build_2932professional

pgpdesktopMatch8.0home

pgpdesktopMatch9.0professional

VendorProductVersionCPE
pgpdesktop*cpe:2.3:a:pgp:desktop:*:*:professional:*:*:*:*:*
pgpdesktop8.0cpe:2.3:a:pgp:desktop:8.0:*:home:*:*:*:*:*
pgpdesktop9.0cpe:2.3:a:pgp:desktop:9.0:*:professional:*:*:*:*:*

Vendor	Product	Version	CPE
pgp	desktop	*	cpe:2.3:a:pgp:desktop:::professional:::::*
pgp	desktop	8.0	cpe:2.3:a:pgp:desktop:8.0::home:::::
pgp	desktop	9.0	cpe:2.3:a:pgp:desktop:9.0::professional:::::

References

archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html

metasploit.com/research/vulns/pgp_slackspace/

secunia.com/advisories/17827

www.osvdb.org/21569

www.securityfocus.com/archive/1/419077/100/0/threaded

www.securityfocus.com/archive/1/419282/100/0/threaded

www.securityfocus.com/archive/1/419654/100/0/threaded

www.securityfocus.com/bid/15784

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2005-4151

cve1 cvelist1