CVE-2002-2066

HIGH

BestCrypt BCWipe <2.36 - Info Disclosure

Title source: llm

Description

BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.

References (6)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3912

[Broken Link] http://www.iss.net/security_center/static/7953.php

[Broken Link, Vendor Advisory] http://www.ciac.org/ciac/bulletins/m-034.shtml

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/251565

[Broken Link, Vendor Advisory] http://www.seifried.org/security/advisories/kssa-003.html

[Product] http://www.bcwipe.com/

Scores

CVSS v3 7.5

EPSS 0.0069

EPSS Percentile 71.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-459

Status published

Products (2)

jetico/bcwipe 1.0.7

jetico/bcwipe 2.0 - 2.35.1

Published Dec 31, 2002

Tracked Since Feb 18, 2026