CVE-2015-3999

Piriform CCleaner 3.26.0.1988-5.02.5101 - Unauthorized Sensitive Information Exposure via File Overwrite

Title source: llm
STIX 2.1

Description

Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting files, which allows local users to obtain sensitive information by searching unallocated disk space.

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/May/72
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/74714

Scores

EPSS 0.0052
EPSS Percentile 40.6%

Details

CWE
CWE-200
Status published
Products (26)
piriform/ccleaner 3.26.1888
piriform/ccleaner 3.27.1900
piriform/ccleaner 3.28.1913
piriform/ccleaner 4.00.4064
piriform/ccleaner 4.01.4093
piriform/ccleaner 4.02.4115
piriform/ccleaner 4.03.4151
piriform/ccleaner 4.04.4197
piriform/ccleaner 4.05.4250
piriform/ccleaner 4.06.4324
... and 16 more
Published May 20, 2015
Tracked Since Feb 18, 2026