CVE-2008-3898

Secu Star DriveCrypt Plus Pack 3.9 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
secustardrivecrypt_plus_pack
3.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/31605
http://securityreason.com/securityalert/4213
http://www.ivizsecurity.com/preboot-patch.html
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.ivizsecurity.com/security-advisory-iviz-sr-0807.html
http://www.securityfocus.com/archive/1/495803/100/0/threaded
http://www.securityfocus.com/bid/30818
http://secunia.com/advisories/31605
http://securityreason.com/securityalert/4213
http://www.ivizsecurity.com/preboot-patch.html
http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
http://www.ivizsecurity.com/security-advisory-iviz-sr-0807.html
http://www.securityfocus.com/archive/1/495803/100/0/threaded
http://www.securityfocus.com/bid/30818