Required CVE Record Information
Description
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
References 6 Total
- securityfocus.com: 20080825 [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure mailing-list
- kb.cert.org: VU#604539 third-party-advisory
- securitytracker.com: 1020738 vdb-entry
- http://www.ivizsecurity.com/preboot-patch.html
- http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf
- securityreason.com: 4205 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- securityfocus.com: 20080825 [IVIZ-08-004] Intel BIOS Plain Text Password Disclosure mailing-listx_transferred
- kb.cert.org: VU#604539 third-party-advisoryx_transferred
- securitytracker.com: 1020738 vdb-entryx_transferred
- http://www.ivizsecurity.com/preboot-patch.html x_transferred
- http://www.ivizsecurity.com/research/preboot/preboot_whitepaper.pdf x_transferred
- securityreason.com: 4205 third-party-advisoryx_transferred