CVE-2014-3431

Currently unrated

Key Information:

Vendor: Symantec
Status: Encryption Desktop; Pgp Desktop
Vendor: CVE Published:; 21 June 2014

Summary

Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.

References

http://www.securitytracker.com/id/1030454

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/68077

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 21, 2014
Vulnerability Reserved
May 9, 2014