Vulnerability Details CVE-2005-4151
The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.9%
CVSS Severity
CVSS v2 Score 2.1
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html
- http://metasploit.com/research/vulns/pgp_slackspace/
- http://secunia.com/advisories/17827
- http://www.osvdb.org/21569
- http://www.securityfocus.com/archive/1/419077/100/0/threaded
- http://www.securityfocus.com/archive/1/419282/100/0/threaded
- http://www.securityfocus.com/archive/1/419654/100/0/threaded
- http://www.securityfocus.com/bid/15784
- http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html
- http://metasploit.com/research/vulns/pgp_slackspace/
- http://secunia.com/advisories/17827
- http://www.osvdb.org/21569
- http://www.securityfocus.com/archive/1/419077/100/0/threaded
- http://www.securityfocus.com/archive/1/419282/100/0/threaded
- http://www.securityfocus.com/archive/1/419654/100/0/threaded
- http://www.securityfocus.com/bid/15784