Symantec PGP Desktop And Encryption Desktop Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is installed with Symantec PGP/Encryption Desktop and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote unauthenticated attacker to gain escalated privileges. Impact Level: Application

Solution

Upgrade to version 10.3.0 MP1 or later, For updates refer to http://www.symantec.com

Insight

Flaws is due to an error in the pgpwded.sys driver when processing the 0x80022058 IOCTL.

Affected

Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x, Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP1 on Microsoft Windows XP and Microsoft Windows Server 2003

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/51762
http://secunia.com/advisories/52219
http://www.osvdb.com/89031

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-6533
CVSS Base Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)
Adobe Reader Plugin Signature Bypass Vulnerability (Windows)
Apple Safari Web Script Execution Vulnerabilites - June09
Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)

Symantec PGP Desktop and Encryption Desktop Buffer Overflow Vulnerability

Take action and discover your vulnerabilities