Summary
The host is installed with Symantec PGP/Encryption Desktop and is prone to integer overflow vulnerability.
Impact
Successful exploitation will allow remote unauthenticated attacker to execute arbitrary code and or gain escalated privileges.
Impact Level: Application
Solution
Upgrade to version 10.3.0 MP1 or later,
For updates refer to http://www.symantec.com
Insight
Flaw is due to an unspecified error in pgpwded.sys.
Affected
Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x
Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP1
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-4351 -
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities