Summary
This host has PGP Desktop is installed and is prone to Denial of Service vulnerability.
Impact
Successful exploitation allows attackers to execute arbitrary code with system privileges or to crash the application.
Impact Level: Application.
Solution
Upgrade to PGP Desktop 9.10
http://www.pgp.com/downloads/desktoptrial/desktoptrial2.html
Insight
IOCTL handler in 'pgpdisk.sys' and 'pgpwded.sys' files does not adequately validate buffer data associated with the Irp object.
Affected
PGP Desktop prior to version 9.10 on Windows.
References
Severity
Classification
-
CVE CVE-2009-0681 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Mac OS X)
- Active Perl Denial of Service Vulnerability (Windows)
- Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Mac OS X)
- CiscoKits CCNA TFTP Server 'Write' Command Denial Of Service Vulnerability
- ClamAV get_unicode_name() Off-By-One Heap based BOF Vulnerability