CVE-2012-5619

Name of the Vulnerable Software and Affected Versions The Sleuth Kit (TSK) version 4.0.1

Description The issue allows local users to hide activities, making it more difficult to conduct forensics activities. This is demonstrated by Flame, where the vulnerability is exploited to conceal certain actions.

Recommendations For version 4.0.1, consider updating to a newer version that properly handles "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, to prevent local users from hiding activities and making forensics more difficult.