Incomplete Cleanup
CVE-2002-0788
Summary
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-459 - Incomplete Cleanup
The software does not properly "clean up" and remove temporary or supporting resources after they have been used.
References
Advisory Timeline
- Published