Symantec PGP Desktop And Encryption Desktop Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is installed with Symantec PGP/Encryption Desktop and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote unauthenticated attacker to gain escalated privileges. Impact Level: Application

Solution

Upgrade to version 10.3.0 MP1 or later, For updates refer to http://www.symantec.com

Insight

Flaws is due to an error in the pgpwded.sys driver when processing the 0x80022058 IOCTL.

Affected

Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x, Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP1 on Microsoft Windows XP and Microsoft Windows Server 2003

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/51762
http://secunia.com/advisories/52219
http://www.osvdb.com/89031

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-6533

CVSS	Base Score: 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apple iTunes Insecure Permissions Privilege Escalation Vulnerability (Mac OS X)
Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Mac OS X)
Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability (Win)
Adobe Reader Information Disclosure & Code Execution Vulnerabilities (Linux)
Apache /server-info accessible

Symantec PGP Desktop and Encryption Desktop Buffer Overflow Vulnerability

Take action and discover your vulnerabilities