7 matches found
CVE-2013-1610
CVE-2013-1610 : Unquoted Windows search path in Symantec PGP Desktop/RDDService and Symantec Encryption Desktop 10.x could allow local privilege escalation via a Trojan placed in the SYSTEMDRIVE root. Affected: PGP Desktop 10.0.x–10.2.x and Encryption Desktop 10.3.0 before MP3. Root cause: unquot...
CVE-2012-4351
CVE-2012-4351 refers to an integer overflow in the kernel driver pgpwded.sys used by Symantec PGP Desktop and Symantec Encryption Desktop (10.x) prior to the 10.3.0 MP1 maintenance pack. A crafted input could allow local users to gain privileges via this vulnerability. A related entry (CVE-2012-6...
CVE-2014-3436
CVE-2014-3436 affects Symantec Encryption Desktop 10.3.x before 10.3.2 MP3 and Symantec PGP Desktop 10.0.x–10.2.x. The issue is a DoS caused by a failure to limit the decompressed size during decryption of a crafted encrypted email, which can cause excessive CPU/memory usage and system unresponsi...
CVE-2014-1646
CVE-2014-1646 affects Symantec PGP Desktop 10.0.x–10.2.x and Encryption Desktop Professional 10.3.x; an improper memory copy when parsing malformed certificates can cause a read- access violation and application crash (DoS). The issue impacts remote-exploitation scenarios via crafted certificates...
CVE-2014-3431
CVE-2014-3431 affects Symantec PGP Desktop for OS X and Symantec Encryption Desktop/Professional (OS X). The issue arises from world-writable temporary files created during installation, enabling a multi-user attacker to read, modify, or create files with another user’s permissions when the affec...
CVE-2012-6533
CVE-2012-6533 is a buffer overflow in Symantec PGP Desktop/Encryption Desktop’s kernel driver pgpwded.sys. Affects Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP/Server 2003, enabling local privilege escalation via a crafted application. CVSSv2 base score 4.4 (lo...
CVE-2014-1647
Symantec PGP Desktop 10.0.x–10.2.x and Encryption Desktop Professional/10.3.x before 10.3.2 MP1 are affected by a vulnerability in block-data move handling when parsing specially crafted certificates, which can trigger a read-access violation and cause an application crash (DoS) remotely. The und...