Vulnerability Details CVE-2007-4202
Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf
- http://www.kb.cert.org/vuls/id/912593
- http://www.securityfocus.com/archive/1/474809/100/0/threaded
- http://www.securityfocus.com/archive/1/475335/100/0/threaded
- http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf
- http://www.kb.cert.org/vuls/id/912593
- http://www.securityfocus.com/archive/1/474809/100/0/threaded
- http://www.securityfocus.com/archive/1/475335/100/0/threaded
Products affected by CVE-2007-4202
-
cpe:2.3:a:guidance_software:encase:6.0