[Japanese]

JVNDB-2007-000215

FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability

Overview

Fujitsu's encryption software FENCE-Pro and Systemwalker Desktop Encryption share the same components. A vulnerability exists in self-decoding files created using this software.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 3.5 (Low) [IPA Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


FUJITSU
  • FENCE-Pro All version levels (excluding V5 (V5L01))
  • Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20, V13.0.0

Impact

The third party could view the contents of self-decoding files and obtain the passwords used for the encryption of the files.
Solution

Vendor Information

FUJITSU
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2007-1505
References

  1. JVN : JVN#19795972
  2. National Vulnerability Database (NVD) : CVE-2007-1505
  3. Secunia Advisory : SA24537
  4. Secunia Advisory : SA24549
  5. SecurityFocus : 23001
  6. ISS X-Force Database : 33029
Revision History

  • [2008/05/21]
      Web page published

Date Public2007/03/16
Date First Published2008/05/21
Date Last Updated2008/05/21