Search

Find a vulnerability

Search criteria

    14 vulnerabilities found for encase by guidance_software

    CVE-2007-4194 (GCVE-0-2007-4194)

    Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/2967 third-party-advisoryx_refsource_SREASON
    http://osvdb.org/44739 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/474811/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2967",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2967"
              },
              {
                "name": "44739",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/44739"
              },
              {
                "name": "20070727 Breakpoint Security: Encase Pre-Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
              },
              {
                "name": "encase-file-system-dos(46230)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2967",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2967"
            },
            {
              "name": "44739",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/44739"
            },
            {
              "name": "20070727 Breakpoint Security: Encase Pre-Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
            },
            {
              "name": "encase-file-system-dos(46230)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4194",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2967",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2967"
                },
                {
                  "name": "44739",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/44739"
                },
                {
                  "name": "20070727 Breakpoint Security: Encase Pre-Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
                },
                {
                  "name": "encase-file-system-dos(46230)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4194",
        "datePublished": "2007-08-08T01:11:00.000Z",
        "dateReserved": "2007-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4202 (GCVE-0-2007-4202)

    Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/474809/100… mailing-listx_refsource_BUGTRAQ
    http://www.kb.cert.org/vuls/id/912593 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/archive/1/475335/100… mailing-listx_refsource_BUGTRAQ
    http://www.isecpartners.com/files/iSEC-Breaking_F… x_refsource_MISC
    Date Public
    2007-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "name": "VU#912593",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/912593"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "name": "VU#912593",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/912593"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4202",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "VU#912593",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/912593"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4202",
        "datePublished": "2007-08-08T01:11:00.000Z",
        "dateReserved": "2007-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.396Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4201 (GCVE-0-2007-4201)

    Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/474809/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/475335/100… mailing-listx_refsource_BUGTRAQ
    http://www.kb.cert.org/vuls/id/310057 third-party-advisoryx_refsource_CERT-VN
    http://www.isecpartners.com/files/iSEC-Breaking_F… x_refsource_MISC
    Date Public
    2007-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.385Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "VU#310057",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/310057"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "VU#310057",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/310057"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4201",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "VU#310057",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/310057"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4201",
        "datePublished": "2007-08-08T01:11:00.000Z",
        "dateReserved": "2007-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.385Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4035 (GCVE-0-2007-4035)

    Vulnerability from nvd – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
    VLAI
    Summary
    Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:37:06.010Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
              },
              {
                "name": "20070726 Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
              },
              {
                "name": "25100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
            },
            {
              "name": "20070726 Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
            },
            {
              "name": "25100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
                  "refsource": "MISC",
                  "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
                },
                {
                  "name": "20070726 Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
                },
                {
                  "name": "25100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25100"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4035",
        "datePublished": "2007-07-27T22:00:00.000Z",
        "dateReserved": "2007-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:37:06.010Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4037 (GCVE-0-2007-4037)

    Vulnerability from nvd – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
    VLAI
    Summary
    Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:37:05.960Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
              },
              {
                "name": "20070726 Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
              },
              {
                "name": "25100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
            },
            {
              "name": "20070726 Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
            },
            {
              "name": "25100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4037",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
                  "refsource": "MISC",
                  "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
                },
                {
                  "name": "20070726 Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
                },
                {
                  "name": "25100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25100"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4037",
        "datePublished": "2007-07-27T22:00:00.000Z",
        "dateReserved": "2007-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:37:05.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4036 (GCVE-0-2007-4036)

    Vulnerability from nvd – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
    VLAI
    Summary
    Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation errors;" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:37:06.211Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
              },
              {
                "name": "20070726 Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
              },
              {
                "name": "25100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
            },
            {
              "name": "20070726 Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
            },
            {
              "name": "25100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
                  "refsource": "MISC",
                  "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
                },
                {
                  "name": "20070726 Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
                },
                {
                  "name": "25100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25100"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4036",
        "datePublished": "2007-07-27T22:00:00.000Z",
        "dateReserved": "2007-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:37:06.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1578 (GCVE-0-2005-1578)

    Vulnerability from nvd – Published: 2005-05-14 04:00 – Updated: 2024-09-17 00:50
    VLAI
    Summary
    EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/104/398021 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/15340 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:51:50.559Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/104/398021"
              },
              {
                "name": "15340",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15340"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-05-14T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.securityfocus.com/archive/104/398021"
            },
            {
              "name": "15340",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15340"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1578",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
                  "refsource": "MLIST",
                  "url": "http://www.securityfocus.com/archive/104/398021"
                },
                {
                  "name": "15340",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15340"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1578",
        "datePublished": "2005-05-14T04:00:00.000Z",
        "dateReserved": "2005-05-14T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:50:38.176Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4194 (GCVE-0-2007-4194)

    Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/2967 third-party-advisoryx_refsource_SREASON
    http://osvdb.org/44739 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/474811/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-07-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.402Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2967",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2967"
              },
              {
                "name": "44739",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/44739"
              },
              {
                "name": "20070727 Breakpoint Security: Encase Pre-Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
              },
              {
                "name": "encase-file-system-dos(46230)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2967",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2967"
            },
            {
              "name": "44739",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/44739"
            },
            {
              "name": "20070727 Breakpoint Security: Encase Pre-Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
            },
            {
              "name": "encase-file-system-dos(46230)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4194",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2967",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2967"
                },
                {
                  "name": "44739",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/44739"
                },
                {
                  "name": "20070727 Breakpoint Security: Encase Pre-Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
                },
                {
                  "name": "encase-file-system-dos(46230)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4194",
        "datePublished": "2007-08-08T01:11:00.000Z",
        "dateReserved": "2007-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4202 (GCVE-0-2007-4202)

    Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/474809/100… mailing-listx_refsource_BUGTRAQ
    http://www.kb.cert.org/vuls/id/912593 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/archive/1/475335/100… mailing-listx_refsource_BUGTRAQ
    http://www.isecpartners.com/files/iSEC-Breaking_F… x_refsource_MISC
    Date Public
    2007-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.396Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "name": "VU#912593",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/912593"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "name": "VU#912593",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/912593"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4202",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "VU#912593",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/912593"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4202",
        "datePublished": "2007-08-08T01:11:00.000Z",
        "dateReserved": "2007-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.396Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4201 (GCVE-0-2007-4201)

    Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
    VLAI
    Summary
    Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/474809/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/475335/100… mailing-listx_refsource_BUGTRAQ
    http://www.kb.cert.org/vuls/id/310057 third-party-advisoryx_refsource_CERT-VN
    http://www.isecpartners.com/files/iSEC-Breaking_F… x_refsource_MISC
    Date Public
    2007-08-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:46:39.385Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "VU#310057",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/310057"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-08-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "VU#310057",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/310057"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4201",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "VU#310057",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/310057"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4201",
        "datePublished": "2007-08-08T01:11:00.000Z",
        "dateReserved": "2007-08-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:46:39.385Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4035 (GCVE-0-2007-4035)

    Vulnerability from cvelistv5 – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
    VLAI
    Summary
    Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:37:06.010Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
              },
              {
                "name": "20070726 Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
              },
              {
                "name": "25100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
            },
            {
              "name": "20070726 Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
            },
            {
              "name": "25100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
                  "refsource": "MISC",
                  "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
                },
                {
                  "name": "20070726 Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
                },
                {
                  "name": "25100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25100"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4035",
        "datePublished": "2007-07-27T22:00:00.000Z",
        "dateReserved": "2007-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:37:06.010Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4037 (GCVE-0-2007-4037)

    Vulnerability from cvelistv5 – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
    VLAI
    Summary
    Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:37:05.960Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
              },
              {
                "name": "20070726 Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
              },
              {
                "name": "25100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
            },
            {
              "name": "20070726 Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
            },
            {
              "name": "25100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4037",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
                  "refsource": "MISC",
                  "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
                },
                {
                  "name": "20070726 Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
                },
                {
                  "name": "25100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25100"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4037",
        "datePublished": "2007-07-27T22:00:00.000Z",
        "dateReserved": "2007-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:37:05.960Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4036 (GCVE-0-2007-4036)

    Vulnerability from cvelistv5 – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
    VLAI
    Summary
    Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation errors;" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2007-07-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:37:06.211Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
              },
              {
                "name": "20070726 Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
              },
              {
                "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
              },
              {
                "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
              },
              {
                "name": "25100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/25100"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
            },
            {
              "name": "20070726 Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
            },
            {
              "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
            },
            {
              "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
            },
            {
              "name": "25100",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/25100"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-4036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
                },
                {
                  "name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
                  "refsource": "MISC",
                  "url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
                },
                {
                  "name": "20070726 Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
                },
                {
                  "name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
                },
                {
                  "name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
                },
                {
                  "name": "25100",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/25100"
                },
                {
                  "name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
                  "refsource": "MISC",
                  "url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-4036",
        "datePublished": "2007-07-27T22:00:00.000Z",
        "dateReserved": "2007-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:37:06.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1578 (GCVE-0-2005-1578)

    Vulnerability from cvelistv5 – Published: 2005-05-14 04:00 – Updated: 2024-09-17 00:50
    VLAI
    Summary
    EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/104/398021 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/15340 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:51:50.559Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/104/398021"
              },
              {
                "name": "15340",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15340"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-05-14T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.securityfocus.com/archive/104/398021"
            },
            {
              "name": "15340",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15340"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1578",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
                  "refsource": "MLIST",
                  "url": "http://www.securityfocus.com/archive/104/398021"
                },
                {
                  "name": "15340",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15340"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1578",
        "datePublished": "2005-05-14T04:00:00.000Z",
        "dateReserved": "2005-05-14T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:50:38.176Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }