Lucene search
MitreCVE-2008-3897HistorySep 03, 2008 - 2:12 p.m.
CVE-2008-3897
2008-09-0314:12:00
CWE-200
mitre
web.nvd.nist.gov
23
diskcryptor
windows
pre-boot authentication
bios
keyboard buffer
sensitive information
vulnerability
nvd
cve-2008-3897
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
Affected configurations
Node
microsoftwindows
freed0mdisckcryptorMatch0.2.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows | * | cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
| freed0m | disckcryptor | 0.2.6 | cpe:2.3:a:freed0m:disckcryptor:0.2.6:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-3897
2008-09-03 14:00:00
nvd
nvd
CVE-2008-3897
2008-09-03 14:12:00
prion
prion
Design/Logic Flaw
2008-09-03 14:12:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2008-3897