Symantec PGP Desktop And Encryption Desktop Local Privilege Escalation Vulnerability Network Vulnerability

Summary

The host is installed with Symantec PGP/Encryption Desktop and is prone to local privilege escalation vulnerability.

Impact

Successful exploitation will allow remote unauthenticated attacker to execute arbitrary code, gain escalated privileges. Impact Level: System/Application

Solution

Upgrade to version 10.3.0 MP3 or later, For updates refer to http://www.symantec.com

Insight

Flaw is due to an unquoted search path in the RDDService.

Affected

Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP3

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/51762
http://secunia.com/advisories/52219
http://www.osvdb.com/95924

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1610
CVSS Base Score: 6.8
AV:L/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Apache Tomcat servlet/JSP container default files
Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)
Apple Mac OS X Multiple Vulnerabilities - 02 Jan14
Brother HL-5370DW Printer 'post/panel.html' Security Bypass Vulnerability
Adobe Flash Media Server Video Stream Capture Security Issue

Symantec PGP Desktop and Encryption Desktop Local Privilege Escalation Vulnerability

Take action and discover your vulnerabilities