CVE-2002-0788
MEDIUMPGP Corporate Desktop - Incomplete Cleanup of Cleartext Temporary Files
Title source: llmDescription
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
References (5)
Core 5
Core References
Third Party Advisory x_refsource_confirm
http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.1/hotfix/ReadMe.txt
Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4702
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/4363
Broken Link, Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-05/0052.html
Broken Link, Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9044.php
Scores
CVSS v3
5.5
EPSS
0.0037
EPSS Percentile
29.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-459
Status
published
Products (3)
pgp/corporate_desktop
7.1
pgp/freeware
7.0.3
pgp/personal_security
7.0.3
Published
Aug 12, 2002
Tracked Since
Feb 18, 2026