Summary
The host is installed with Symantec PGP/Encryption Desktop and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will allow remote unauthenticated attacker to gain escalated privileges.
Impact Level: Application
Solution
Upgrade to version 10.3.0 MP1 or later,
For updates refer to http://www.symantec.com
Insight
Flaws is due to an error in the pgpwded.sys driver when processing the 0x80022058 IOCTL.
Affected
Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x,
Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP1 on Microsoft Windows XP and Microsoft Windows Server 2003
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-6533 -
CVSS Base Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)
- Adobe Reader Plugin Signature Bypass Vulnerability (Windows)
- Apple Safari Web Script Execution Vulnerabilites - June09
- Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
- Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)