Summary
The host is installed with Symantec PGP Desktop and is prone to untrusted search path vulnerability.
Impact
Successful exploitation will allow remote unauthenticated attacker to execute arbitrary code and conduct DLL hijacking attacks.
Impact Level: System/Application
Solution
Upgrade to version 10.0.1 or later,
For updates refer to http://www.symantec.com
Insight
Flaws is due to the application loading libraries (e.g. tvttsp.dll, tsp.dll) in an insecure manner.
Affected
Symantec PGP Desktop 9.9.0 Build 397, 9.10.x, 10.x prior to 10.0.0 Build 2732
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2010-3397 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities