VULHUB ™

It has been reported that PGPDisk may be prone to an information disclosure weakness due to unauthorized local access to a user's PGP volume. The problem is reported to present itself when a user uses the 'switch user' function in Windows XP and PGPDisk fails to unmount allow another local user to access the mounted PGP disk. Although unconfirmed this issue does not seem to affect network drives. Successful exploitation of this issue may allow an attacker to gain access to sensitive data. Information obtained through this attack could be used to launch further attacks against a vulnerable user. Although unconfirmed, PGPDisk version 6.02i and prior may be affected by this issue.

It has been reported that PGPDisk may be prone to an information disclosure weakness due to unauthorized local access to a user's PGP volume. The problem is reported to present itself when a user uses the 'switch user' function in Windows XP and PGPDisk fails to unmount allow another local user to access the mounted PGP disk. Although unconfirmed this issue does not seem to affect network drives. Successful exploitation of this issue may allow an attacker to gain access to sensitive data. Information obtained through this attack could be used to launch further attacks against a vulnerable user. Although unconfirmed, PGPDisk version 6.02i and prior may be affected by this issue.