Local File Permissions Vulnerability in Symantec PGP Desktop and Encryption Desktop Professional
CVE-2014-3431

Currently unrated

Key Information:

Vendor

Symantec
Status
Encryption Desktop
Pgp Desktop
Vendor
CVE Published:
21 June 2014

What is CVE-2014-3431?

A vulnerability exists in Symantec PGP Desktop versions 10.x and Encryption Desktop Professional 10.3.x prior to 10.3.2 MP2 on OS X. This issue arises from world-writable permissions set on temporary files, enabling local users to bypass intended file read, modify, create, and permission restrictions. Attackers may exploit this weakness through unspecified vectors, potentially leading to unauthorized access to sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1030454
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/68077
vdb-entryx_refsource_BID
http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.