Last Modified: Sept. 5, 2008
SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: None
Availability Impact: None
Base Score: 5.0
Exploitability Score: 10.0
Impact Score: 2.9
CVSS V2: AV:N/AC:L/Au:N/C:P/I:N/A:N
NVD-CWE-Other
| Condition | Configuration | |
|---|---|---|
| OR | ||
| OR | ||
| cpe:2.3:a:accessdata:secureclean:3_build_2.0:*:*:*:*:*:*:* Part: a Vendor: accessdata | Alle Schwachstellen für accessdata | |
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="application" value="cpe:2.3:a:accessdata:secureclean:3_build_2.0:*:*:*:*:*:*:*"/>
</set>
<prop key="program_influence" value="input"/>
<prop key="range" value="remote"/>
</set>
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="application" value="cpe:2.3:a:accessdata:secureclean:3_build_2.0:*:*:*:*:*:*:*"/>
</set>
<prop key="program_influence" value="input"/>
<prop key="data" value="any"/>
<prop key="data_influence" value="read"/>
<prop key="range" value="remote"/>
</set>