Integer Overflow Vulnerability in Symantec PGP Desktop and Encryption Desktop
CVE-2012-4351

Currently unrated

Key Information:

Vendor: Symantec
Status: Encryption Desktop
Vendor: CVE Published:; 18 February 2013

Summary

An integer overflow vulnerability exists in the pgpwded.sys component of Symantec PGP Desktop versions 10.x and Encryption Desktop version 10.3.0 prior to MP1. This vulnerability enables local users to execute crafted applications that can lead to privilege escalation, potentially allowing unauthorized access to sensitive system resources. Users of the affected products should ensure they apply the latest security updates to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/57170

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 18, 2013