BID:23001

Multiple Fujitsu Products File Decryption Information Disclosure Vulnerability

Info

Multiple Fujitsu Products File Decryption Information Disclosure Vulnerability

Bugtraq ID:	23001
Class:	Unknown
CVE:	CVE-2007-1505
Remote:	Yes
Local:	No
Published:	Mar 16 2007 12:00AM
Updated:	May 12 2015 07:33PM
Credit:	This issue was reported by the vendor.
Vulnerable:	Fujitsu Systemwalker Desktop Encryption V13.0.0 Fujitsu Systemwalker Desktop Encryption V12.0L20 Fujitsu Systemwalker Desktop Encryption V12.0L10B Fujitsu Systemwalker Desktop Encryption V12.0L10A Fujitsu Systemwalker Desktop Encryption V12.0L10 Fujitsu FENCE-Pro 4 Fujitsu FENCE-Pro 3 Fujitsu FENCE-Pro 2

Not Vulnerable:

Discussion

Multiple Fujitsu Products File Decryption Information Disclosure Vulnerability

Multiple Fujitsu Products are prone to an information-disclosure vulnerability.

An attacker can exploit this issue to access sensitive information that may aid in further attacks.

This issue affects multiple versions of Systemwalker Desktop Encryption and FENCE-Pro applications.

Exploit / POC

Multiple Fujitsu Products File Decryption Information Disclosure Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Multiple Fujitsu Products File Decryption Information Disclosure Vulnerability

Solution:
The vendor released advisories and fixes to address this issue. Please see the references for more information.

Fujitsu Systemwalker Desktop Encryption V12.0L20

Fujitsu TP08973.exe
http://software.fujitsu.com/jp/security/products-fujitsu/patch/systemw alker/TP08973.exe

Fujitsu Systemwalker Desktop Encryption V13.0.0

Fujitsu TP08973.exe
http://software.fujitsu.com/jp/security/products-fujitsu/patch/systemw alker/TP08973.exe

Fujitsu Systemwalker Desktop Encryption V12.0L10B

Fujitsu TP08973.exe
http://software.fujitsu.com/jp/security/products-fujitsu/patch/systemw alker/TP08973.exe

References

Multiple Fujitsu Products File Decryption Information Disclosure Vulnerability

References:

About the vulnerability of the self decoding file of FENCE-Pro (Fujitsu)
Concerning the vulnerability problem of the self decoding file of Systemwalker D (Fujitsu)
Fujitsu Homepage (Fujitsu)