Published: 18/02/2013 Updated: 20/02/2013

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

VMScore: 445

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec pgp desktop 10.0.0
symantec pgp desktop 10.0.1
symantec pgp desktop 10.0.2
symantec pgp desktop 10.0.3
symantec pgp desktop 10.1.0
symantec pgp desktop 10.1.1
symantec pgp desktop 10.1.2
symantec pgp desktop 10.2.0
symantec pgp desktop 10.2.1
symantec encryption desktop 10.3.0

source: wwwsecurityfocuscom/bid/57835/info Symantec Encryption Desktop is prone to a local buffer-overflow vulnerability A local attacker may exploit this issue to execute arbitrary code with escalated privileges #define IO_CONTROL_VULN 0x80022058 #define TARGET_DEVICE L"\\Device\\pgpwdef" [] usNameBuffer = TARGET_DEVICE ...

CWE-119 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2013&suid=20130213_00 http://www.securityfocus.com/bid/57835 https://nvd.nist.gov https://www.exploit-db.com/exploits/38299/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-6533

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect