CVE-2014-1646

2014-04-2319:55:05

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.003

Percentile

70.1%

JSON

Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform memory copies, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.

Affected configurations

Nvd

Node

symantecencryption_desktopMatch10.3.0professional

symantecencryption_desktopMatch10.3.1professional

symantecencryption_desktopMatch10.3.2-professional

Node

symantecpgp_desktopMatch10.0.0

symantecpgp_desktopMatch10.0.1

symantecpgp_desktopMatch10.0.2

symantecpgp_desktopMatch10.0.3

symantecpgp_desktopMatch10.1.0

symantecpgp_desktopMatch10.1.1

symantecpgp_desktopMatch10.1.2

symantecpgp_desktopMatch10.2.0

symantecpgp_desktopMatch10.2.1

symantecpgp_desktopMatch10.2.2

VendorProductVersionCPE
symantecencryption_desktop10.3.0cpe:2.3:a:symantec:encryption_desktop:10.3.0:*:*:*:professional:*:*:*
symantecencryption_desktop10.3.1cpe:2.3:a:symantec:encryption_desktop:10.3.1:*:*:*:professional:*:*:*
symantecencryption_desktop10.3.2cpe:2.3:a:symantec:encryption_desktop:10.3.2:-:*:*:professional:*:*:*
symantecpgp_desktop10.0.0cpe:2.3:a:symantec:pgp_desktop:10.0.0:*:*:*:*:*:*:*
symantecpgp_desktop10.0.1cpe:2.3:a:symantec:pgp_desktop:10.0.1:*:*:*:*:*:*:*
symantecpgp_desktop10.0.2cpe:2.3:a:symantec:pgp_desktop:10.0.2:*:*:*:*:*:*:*
symantecpgp_desktop10.0.3cpe:2.3:a:symantec:pgp_desktop:10.0.3:*:*:*:*:*:*:*
symantecpgp_desktop10.1.0cpe:2.3:a:symantec:pgp_desktop:10.1.0:*:*:*:*:*:*:*
symantecpgp_desktop10.1.1cpe:2.3:a:symantec:pgp_desktop:10.1.1:*:*:*:*:*:*:*
symantecpgp_desktop10.1.2cpe:2.3:a:symantec:pgp_desktop:10.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	encryption_desktop	10.3.0	cpe:2.3:a:symantec:encryption_desktop:10.3.0::::professional:::
symantec	encryption_desktop	10.3.1	cpe:2.3:a:symantec:encryption_desktop:10.3.1::::professional:::
symantec	encryption_desktop	10.3.2	cpe:2.3:a:symantec:encryption_desktop:10.3.2:-:::professional:::*
symantec	pgp_desktop	10.0.0	cpe:2.3:a:symantec:pgp_desktop:10.0.0:::::::*
symantec	pgp_desktop	10.0.1	cpe:2.3:a:symantec:pgp_desktop:10.0.1:::::::*
symantec	pgp_desktop	10.0.2	cpe:2.3:a:symantec:pgp_desktop:10.0.2:::::::*
symantec	pgp_desktop	10.0.3	cpe:2.3:a:symantec:pgp_desktop:10.0.3:::::::*
symantec	pgp_desktop	10.1.0	cpe:2.3:a:symantec:pgp_desktop:10.1.0:::::::*
symantec	pgp_desktop	10.1.1	cpe:2.3:a:symantec:pgp_desktop:10.1.1:::::::*
symantec	pgp_desktop	10.1.2	cpe:2.3:a:symantec:pgp_desktop:10.1.2:::::::*