CVE-2002-2067

HIGH

East-Tec Eraser 2002 - Info Disclosure

Title source: llm

Description

East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.

References (6)

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3912

[Broken Link, Vendor Advisory] http://www.seifried.org/security/advisories/kssa-003.html

[Product] http://www.east-tec.com/eraser/faq.htm

[Broken Link] http://www.iss.net/security_center/static/7953.php

[Broken Link, Vendor Advisory] http://www.ciac.org/ciac/bulletins/m-034.shtml

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/251565

Scores

CVSS v3 7.5

EPSS 0.0069

EPSS Percentile 71.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-459

Status published

Products (1)

east-tec/eraser 2002

Published Dec 31, 2002

Tracked Since Feb 18, 2026