Symantec PGP Desktop And Encryption Desktop Buffer Overflow Vulnerability Network Vulnerability

Summary

The host is installed with Symantec PGP/Encryption Desktop and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote unauthenticated attacker to gain escalated privileges. Impact Level: Application

Solution

Upgrade to version 10.3.0 MP1 or later, For updates refer to http://www.symantec.com

Insight

Flaws is due to an error in the pgpwded.sys driver when processing the 0x80022058 IOCTL.

Affected

Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x, Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP1 on Microsoft Windows XP and Microsoft Windows Server 2003

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/51762
http://secunia.com/advisories/52219
http://www.osvdb.com/89031

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-6533

CVSS	Base Score: 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CA Gateway Security Remote Code Execution Vulnerability
Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
Apache Tomcat servlet/JSP container default files
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)

Symantec PGP Desktop and Encryption Desktop Buffer Overflow Vulnerability

Take action and discover your vulnerabilities