CVE-2005-1858

2005-06-0604:00:00

debian

web.nvd.nist.gov

cve-2005-1858

fuse

filesystem

memory

security vulnerability

nvd

information disclosure

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

8.6

Confidence

High

EPSS

Percentile

0.4%

JSON

FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read request, which may allow local users to obtain sensitive information.

Affected configurations

Nvd

Node

fusefuseMatch2.2

fusefuseMatch2.2.1

fusefuseMatch2.3_pre

fusefuseMatch2.3_rc1

VendorProductVersionCPE
fusefuse2.2cpe:2.3:a:fuse:fuse:2.2:*:*:*:*:*:*:*
fusefuse2.2.1cpe:2.3:a:fuse:fuse:2.2.1:*:*:*:*:*:*:*
fusefuse2.3_precpe:2.3:a:fuse:fuse:2.3_pre:*:*:*:*:*:*:*
fusefuse2.3_rc1cpe:2.3:a:fuse:fuse:2.3_rc1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fuse	fuse	2.2	cpe:2.3:a:fuse:fuse:2.2:::::::*
fuse	fuse	2.2.1	cpe:2.3:a:fuse:fuse:2.2.1:::::::*
fuse	fuse	2.3_pre	cpe:2.3:a:fuse:fuse:2.3_pre:::::::*
fuse	fuse	2.3_rc1	cpe:2.3:a:fuse:fuse:2.3_rc1:::::::*