Denial of Service Vulnerability in Symantec Encryption Desktop and PGP Desktop
CVE-2014-3436

Currently unrated

Key Information:

Vendor: Symantec
Status: Pgp Desktop
Vendor: CVE Published:; 22 August 2014

Summary

The vulnerability in Symantec Encryption Desktop allows remote attackers to create a denial of service condition by sending crafted encrypted email messages. These messages, when processed, can lead to excessive CPU and memory consumption due to their size upon decompression. This constitutes a significant risk as it can disrupt the normal operation of the affected software, rendering it unusable until the service is restarted.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95406

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1030761

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/69259

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Aug 22, 2014
Vulnerability Reserved
May 9, 2014