Search
Find a vulnerability
Search criteria
14 vulnerabilities found for encase by guidance_software
CVE-2007-4194 (GCVE-0-2007-4194)
Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI
EPSS
VEX
Summary
Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2967 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/44739 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/474811/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-07-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2967",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2967"
},
{
"name": "44739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/44739"
},
{
"name": "20070727 Breakpoint Security: Encase Pre-Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
},
{
"name": "encase-file-system-dos(46230)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2967",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2967"
},
{
"name": "44739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/44739"
},
{
"name": "20070727 Breakpoint Security: Encase Pre-Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
},
{
"name": "encase-file-system-dos(46230)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2967",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2967"
},
{
"name": "44739",
"refsource": "OSVDB",
"url": "http://osvdb.org/44739"
},
{
"name": "20070727 Breakpoint Security: Encase Pre-Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
},
{
"name": "encase-file-system-dos(46230)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4194",
"datePublished": "2007-08-08T01:11:00.000Z",
"dateReserved": "2007-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:46:39.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4202 (GCVE-0-2007-4202)
Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI
EPSS
VEX
Summary
Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.kb.cert.org/vuls/id/912593 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-08-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "VU#912593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "VU#912593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "VU#912593",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4202",
"datePublished": "2007-08-08T01:11:00.000Z",
"dateReserved": "2007-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:46:39.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4201 (GCVE-0-2007-4201)
Vulnerability from nvd – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI
EPSS
VEX
Summary
Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.kb.cert.org/vuls/id/310057 | third-party-advisoryx_refsource_CERT-VN |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-08-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "VU#310057",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/310057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "VU#310057",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/310057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "VU#310057",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/310057"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4201",
"datePublished": "2007-08-08T01:11:00.000Z",
"dateReserved": "2007-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:46:39.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4035 (GCVE-0-2007-4035)
Vulnerability from nvd – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
VLAI
EPSS
VEX
Summary
Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.blackhat.com/html/bh-usa-07/bh-usa-07-… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/474727/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/474750/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25100 | vdb-entryx_refsource_BID |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:06.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25100"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4035",
"datePublished": "2007-07-27T22:00:00.000Z",
"dateReserved": "2007-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:37:06.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4037 (GCVE-0-2007-4037)
Vulnerability from nvd – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
VLAI
EPSS
VEX
Summary
Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.blackhat.com/html/bh-usa-07/bh-usa-07-… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/474727/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/474750/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25100 | vdb-entryx_refsource_BID |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25100"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4037",
"datePublished": "2007-07-27T22:00:00.000Z",
"dateReserved": "2007-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:37:05.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4036 (GCVE-0-2007-4036)
Vulnerability from nvd – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
VLAI
EPSS
VEX
Summary
Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation errors;" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.blackhat.com/html/bh-usa-07/bh-usa-07-… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/474727/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/474750/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25100 | vdb-entryx_refsource_BID |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:06.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25100"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4036",
"datePublished": "2007-07-27T22:00:00.000Z",
"dateReserved": "2007-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:37:06.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1578 (GCVE-0-2005-1578)
Vulnerability from nvd – Published: 2005-05-14 04:00 – Updated: 2024-09-17 00:50
VLAI
EPSS
VEX
Summary
EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/104/398021 | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/15340 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:51:50.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/104/398021"
},
{
"name": "15340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15340"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-05-14T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.securityfocus.com/archive/104/398021"
},
{
"name": "15340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15340"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
"refsource": "MLIST",
"url": "http://www.securityfocus.com/archive/104/398021"
},
{
"name": "15340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15340"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1578",
"datePublished": "2005-05-14T04:00:00.000Z",
"dateReserved": "2005-05-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:50:38.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4194 (GCVE-0-2007-4194)
Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI
EPSS
VEX
Summary
Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/2967 | third-party-advisoryx_refsource_SREASON |
| http://osvdb.org/44739 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/474811/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-07-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2967",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2967"
},
{
"name": "44739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/44739"
},
{
"name": "20070727 Breakpoint Security: Encase Pre-Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
},
{
"name": "encase-file-system-dos(46230)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2967",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2967"
},
{
"name": "44739",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/44739"
},
{
"name": "20070727 Breakpoint Security: Encase Pre-Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
},
{
"name": "encase-file-system-dos(46230)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to \"EnCase\u0027s file system parsing.\" NOTE: this information is based upon a vague pre-advisory. It might overlap CVE-2007-4036."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2967",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2967"
},
{
"name": "44739",
"refsource": "OSVDB",
"url": "http://osvdb.org/44739"
},
{
"name": "20070727 Breakpoint Security: Encase Pre-Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474811/100/0/threaded"
},
{
"name": "encase-file-system-dos(46230)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46230"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4194",
"datePublished": "2007-08-08T01:11:00.000Z",
"dateReserved": "2007-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:46:39.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4202 (GCVE-0-2007-4202)
Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI
EPSS
VEX
Summary
Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.kb.cert.org/vuls/id/912593 | third-party-advisoryx_refsource_CERT-VN |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-08-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "VU#912593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "VU#912593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "VU#912593",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4202",
"datePublished": "2007-08-08T01:11:00.000Z",
"dateReserved": "2007-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:46:39.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4201 (GCVE-0-2007-4201)
Vulnerability from cvelistv5 – Published: 2007-08-08 01:11 – Updated: 2024-08-07 14:46
VLAI
EPSS
VEX
Summary
Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.kb.cert.org/vuls/id/310057 | third-party-advisoryx_refsource_CERT-VN |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-08-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "VU#310057",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/310057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "VU#310057",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/310057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "VU#310057",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/310057"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4201",
"datePublished": "2007-08-08T01:11:00.000Z",
"dateReserved": "2007-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:46:39.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4035 (GCVE-0-2007-4035)
Vulnerability from cvelistv5 – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
VLAI
EPSS
VEX
Summary
Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.blackhat.com/html/bh-usa-07/bh-usa-07-… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/474727/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/474750/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25100 | vdb-entryx_refsource_BID |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:06.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25100"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4035",
"datePublished": "2007-07-27T22:00:00.000Z",
"dateReserved": "2007-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:37:06.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4037 (GCVE-0-2007-4037)
Vulnerability from cvelistv5 – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
VLAI
EPSS
VEX
Summary
Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.blackhat.com/html/bh-usa-07/bh-usa-07-… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/474727/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/474750/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25100 | vdb-entryx_refsource_BID |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:05.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25100"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4037",
"datePublished": "2007-07-27T22:00:00.000Z",
"dateReserved": "2007-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:37:05.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4036 (GCVE-0-2007-4036)
Vulnerability from cvelistv5 – Published: 2007-07-27 22:00 – Updated: 2024-08-07 14:37 Disputed
VLAI
EPSS
VEX
Summary
Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation errors;" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/474809/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.blackhat.com/html/bh-usa-07/bh-usa-07-… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/474727/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/475335/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/474750/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/25100 | vdb-entryx_refsource_BID |
| http://www.isecpartners.com/files/iSEC-Breaking_F… | x_refsource_MISC |
Date Public
2007-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:06.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report \"memory allocation errors;\" or (3) deeply nested directories, which trigger an application crash during an Expand All action. NOTE: the vendor disputes the significance of these vectors because the user can select fewer options, there is no operational impact, or the user can do less expansion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer",
"refsource": "MISC",
"url": "http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer"
},
{
"name": "20070726 Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474727/100/0/threaded"
},
{
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name": "20070727 Re: Guidance Software response to iSEC report on EnCase (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474750/100/0/threaded"
},
{
"name": "25100",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25100"
},
{
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4036",
"datePublished": "2007-07-27T22:00:00.000Z",
"dateReserved": "2007-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:37:06.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1578 (GCVE-0-2005-1578)
Vulnerability from cvelistv5 – Published: 2005-05-14 04:00 – Updated: 2024-09-17 00:50
VLAI
EPSS
VEX
Summary
EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/104/398021 | mailing-listx_refsource_MLIST |
| http://secunia.com/advisories/15340 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:51:50.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/104/398021"
},
{
"name": "15340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15340"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-05-14T04:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.securityfocus.com/archive/104/398021"
},
{
"name": "15340",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15340"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[Forensics] 20050511 DCO discovery \u0026 removal, capabilities of imaging \u0026 wiping tools",
"refsource": "MLIST",
"url": "http://www.securityfocus.com/archive/104/398021"
},
{
"name": "15340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15340"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1578",
"datePublished": "2005-05-14T04:00:00.000Z",
"dateReserved": "2005-05-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:50:38.176Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}