Reported October 22, 2003 by Thierry De Leeuw.

 

 

VERSIONS AFFECTED

 

PGP's PGPDisk for Windows

 

DESCRIPTION

 

A vulnerability in PGPDisk for Windows can result in data compromise. If a user mounts a PGP disk and reason leaves his computer, the PGP disk remains mounted. If another user with local logon rights uses the Windows XP Switch User function, that user will have full access to the mounted PGP disk.

 

 

VENDOR RESPONSE

 

<span style="font-family:Verdana">PGP has been notified.</h3>   <strong><span style="font-size: 10.0pt; font-family: Verdana; color: purple">CREDIT</h3></strong>  

Discovered by Thierry De Leeuw.