11 matches found
CVE-2013-1610
CVE-2013-1610 : Unquoted Windows search path in Symantec PGP Desktop/RDDService and Symantec Encryption Desktop 10.x could allow local privilege escalation via a Trojan placed in the SYSTEMDRIVE root. Affected: PGP Desktop 10.0.x–10.2.x and Encryption Desktop 10.3.0 before MP3. Root cause: unquot...
CVE-2017-13682
CVE-2017-13682 affects Symantec Encryption Desktop (SED) and related Symantec Endpoint Encryption prior to 10.4.1 MP2HF1. The issue is described as a kernel memory leak (a resource leak) in the kernel memory management, leading to a denial of service (DoS) condition. The available connected sourc...
CVE-2012-4351
CVE-2012-4351 refers to an integer overflow in the kernel driver pgpwded.sys used by Symantec PGP Desktop and Symantec Encryption Desktop (10.x) prior to the 10.3.0 MP1 maintenance pack. A crafted input could allow local users to gain privileges via this vulnerability. A related entry (CVE-2012-6...
CVE-2017-6330
CVE-2017-6330 affects Symantec Encryption Desktop (SED) prior to version 10.4.1 MP2. The DoS vulnerability allows remote attackers to cause resource consumption to the affected system by sending crafted web requests. The issue is documented across multiple sources in the connected documents, all ...
CVE-2014-3436
CVE-2014-3436 affects Symantec Encryption Desktop 10.3.x before 10.3.2 MP3 and Symantec PGP Desktop 10.0.x–10.2.x. The issue is a DoS caused by a failure to limit the decompressed size during decryption of a crafted encrypted email, which can cause excessive CPU/memory usage and system unresponsi...
CVE-2017-13679
CVE-2017-13679 affects Symantec Encryption Desktop (SED) before SED 10.4.1 MP2HF1. Public material indicates DoS conditions that disrupt services of a host/resource; related entries also describe CVE-2017-13682 and CVE-2017-13683 (kernel memory leaks) within the same product line. Remediation per...
CVE-2014-1646
CVE-2014-1646 affects Symantec PGP Desktop 10.0.x–10.2.x and Encryption Desktop Professional 10.3.x; an improper memory copy when parsing malformed certificates can cause a read- access violation and application crash (DoS). The issue impacts remote-exploitation scenarios via crafted certificates...
CVE-2014-3431
CVE-2014-3431 affects Symantec PGP Desktop for OS X and Symantec Encryption Desktop/Professional (OS X). The issue arises from world-writable temporary files created during installation, enabling a multi-user attacker to read, modify, or create files with another user’s permissions when the affec...
CVE-2012-6533
CVE-2012-6533 is a buffer overflow in Symantec PGP Desktop/Encryption Desktop’s kernel driver pgpwded.sys. Affects Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP/Server 2003, enabling local privilege escalation via a crafted application. CVSSv2 base score 4.4 (lo...
CVE-2016-6590
The CVE-2016-6590 issue is a local privilege-escalation caused by loading DLLs during boot/reboot without absolute paths in multiple Symantec products. Affected: IT Management Suite 8.0 (before HF4), ITMS 7.6 (before HF7); Ghost Solution Suite 3.1 (before MP4); Endpoint Virtualization 7.x (before...
CVE-2014-1647
Symantec PGP Desktop 10.0.x–10.2.x and Encryption Desktop Professional/10.3.x before 10.3.2 MP1 are affected by a vulnerability in block-data move handling when parsing specially crafted certificates, which can trigger a read-access violation and cause an application crash (DoS) remotely. The und...