Last Modified: Sept. 5, 2008
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: None
Availability Impact: None
Base Score: 5.0
Exploitability Score: 10.0
Impact Score: 2.9
CVSS V2: AV:N/AC:L/Au:N/C:P/I:N/A:N
NVD-CWE-Other
| Condition | Configuration | |
|---|---|---|
| OR | ||
| OR | ||
| cpe:2.3:a:sami_tolvanen:eraser:5.3:*:*:*:*:*:*:* Part: a Vendor: sami_tolvanen | Alle Schwachstellen für sami_tolvanen | |
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="application" value="cpe:2.3:a:sami_tolvanen:eraser:5.3:*:*:*:*:*:*:*"/>
</set>
<prop key="program_influence" value="input"/>
<prop key="range" value="remote"/>
</set>
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="application" value="cpe:2.3:a:sami_tolvanen:eraser:5.3:*:*:*:*:*:*:*"/>
</set>
<prop key="program_influence" value="input"/>
<prop key="data" value="any"/>
<prop key="data_influence" value="read"/>
<prop key="range" value="remote"/>
</set>