Symantec PGP Desktop And Encryption Desktop Local Privilege Escalation Vulnerability Network Vulnerability

Summary

The host is installed with Symantec PGP/Encryption Desktop and is prone to local privilege escalation vulnerability.

Impact

Successful exploitation will allow remote unauthenticated attacker to execute arbitrary code, gain escalated privileges. Impact Level: System/Application

Solution

Upgrade to version 10.3.0 MP3 or later, For updates refer to http://www.symantec.com

Insight

Flaw is due to an unquoted search path in the RDDService.

Affected

Symantec PGP Desktop 10.0.x, 10.1.x, and 10.2.x Symantec Encryption Desktop 10.3.0 prior to 10.3.0 MP3

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://secunia.com/advisories/51762
http://secunia.com/advisories/52219
http://www.osvdb.com/95924

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1610

CVSS	Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Apple Safari libxml Denial of Service Vulnerability
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
Adobe Digital Edition Information Disclosure Vulnerability (Windows)
Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
Adobe Reader Multiple Vulnerabilities - Aug07 (Windows)

Symantec PGP Desktop and Encryption Desktop Local Privilege Escalation Vulnerability

Take action and discover your vulnerabilities