Описание
The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL call.
Ссылки
- Issue TrackingMailing List
- Vendor Advisory
- Issue TrackingMailing List
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:truecrypt_project:truecrypt:7.1:a:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00035
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 3.3
debian
почти 8 лет назад
The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt ...
CVSS3: 3.3
github
больше 3 лет назад
The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL call.
EPSS
Процентиль: 10%
0.00035
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-200