Lucene search

Kaspersky LabKLA10353

HistoryAug 21, 2014 - 12:00 a.m.

KLA10353 DoS vulnerability in Symantec

2014-08-2100:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

53.6%

JSON

An unspecified vulnerability was found in Symantec products. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed e-mail message.

Original advisories

Symantec advisory

Related products

Symantec-Encryption-Desktop-(formerly-PGP-Desktop)

CVE list

CVE-2014-3436 critical

Solution

Update to latest version

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

Symantec Encryption Desktop 10.3 versions 10.3.2 and earlierSymantec PGP Desktop 10 versions 10.2 and earlier

References

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140821_00

statistics.securelist.com/

threats.kaspersky.com/en/product/Symantec-Encryption-Desktop-(formerly-PGP-Desktop)/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

53.6%

JSON

Related for KLA10353