Denial of Service Vulnerability in Symantec PGP Desktop and Encryption Desktop
CVE-2014-1647

Currently unrated

Key Information:

Vendor: Symantec
Status: Pgp Desktop
Vendor: CVE Published:; 23 April 2014

Summary

The vulnerability arises from a failure in Symantec PGP Desktop and Encryption Desktop to properly handle block-data moves. This flaw can be exploited by remote attackers who send a malformed certificate, leading to a denial of service condition marked by read access violations and application crashes. This issue affects various versions of PGP Desktop and specific updates of Encryption Desktop Professional, making it essential for users to apply security patches to mitigate potential risks.

References

http://www.securityfocus.com/bid/67020

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 23, 2014
Vulnerability Reserved
Jan 23, 2014