** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own.
References
Configurations
Information
Published : 2007-07-27 15:30
Updated : 2018-10-15 14:33
NVD link : CVE-2007-4035
Mitre link : CVE-2007-4035
JSON object : View
CWE
Products Affected
guidance_software
- encase