Vulnerability Description
Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information.
CVSS Score
2.1
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Shana | Informed Designer | 3.5 |
| Shana | Informed Filler | 3.5 |
References
- http://online.securityfocus.com/archive/1/293052
- http://www.cirt.net/advisories/shana.shtmlPatchVendor Advisory
- http://www.iss.net/security_center/static/10192.php
- http://www.securityfocus.com/bid/5795Patch
- http://online.securityfocus.com/archive/1/293052
- http://www.cirt.net/advisories/shana.shtmlPatchVendor Advisory
- http://www.iss.net/security_center/static/10192.php
- http://www.securityfocus.com/bid/5795Patch
FAQ
What is CVE-2002-2172?
CVE-2002-2172 is a vulnerability with a CVSS score of 2.1 (LOW). Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information.
How severe is CVE-2002-2172?
CVE-2002-2172 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2172?
Check the references section above for vendor advisories and patch information. Affected products include: Shana Informed Designer, Shana Informed Filler.