CVE-2002-2172

Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://online.securityfocus.com/archive/1/293052
http://www.cirt.net/advisories/shana.shtml	Patch Vendor Advisory
http://www.iss.net/security_center/static/10192.php
http://www.securityfocus.com/bid/5795	Patch
http://online.securityfocus.com/archive/1/293052
http://www.cirt.net/advisories/shana.shtml	Patch Vendor Advisory
http://www.iss.net/security_center/static/10192.php
http://www.securityfocus.com/bid/5795	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:shana:informed_designer:3.5:::::::*
	cpe:2.3:a:shana:informed_filler:3.5:::::::*

History

20 Nov 2024, 23:43

Type	Values Removed	Values Added
References	~~() http://online.securityfocus.com/archive/1/293052 -~~	() http://online.securityfocus.com/archive/1/293052 -
References	~~() http://www.cirt.net/advisories/shana.shtml - Patch, Vendor Advisory~~	() http://www.cirt.net/advisories/shana.shtml - Patch, Vendor Advisory
References	~~() http://www.iss.net/security_center/static/10192.php -~~	() http://www.iss.net/security_center/static/10192.php -
References	~~() http://www.securityfocus.com/bid/5795 - Patch~~	() http://www.securityfocus.com/bid/5795 - Patch

Information

Published : 2002-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-2172

Mitre link : CVE-2002-2172

CVE.ORG link : CVE-2002-2172

JSON object : View

Products Affected

shana

informed_designer
informed_filler

CWE

NVD-CWE-Other

{"id": "CVE-2002-2172", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-12-31T05:00:00.000", "references": [{"url": "http://online.securityfocus.com/archive/1/293052", "source": "cve@mitre.org"}, {"url": "http://www.cirt.net/advisories/shana.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/10192.php", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/5795", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://online.securityfocus.com/archive/1/293052", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cirt.net/advisories/shana.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/10192.php", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/5795", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:shana:informed_designer:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D136F5D0-7519-4CC6-AD54-2061EDED1891"}, {"criteria": "cpe:2.3:a:shana:informed_filler:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BBEA027-2B95-404F-A73C-8E0382458F45"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

2.1 /10