An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00154
Percentile: 0.3692

CVSS Scoring

Mapped CWE(s)

• CWE-459 : Incomplete Cleanup

Affected Products

• cpe:2.3:a:pgp:corporate_desktop:7.1:*:*:*:*:*:*:*
• cpe:2.3:a:pgp:freeware:7.0.3:*:*:*:*:*:*:*
• cpe:2.3:a:pgp:personal_security:7.0.3:*:*:*:*:*:*:*

← Back to Home