Symantec » Pgp Desktop : Security Vulnerabilities, CVEs,
Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP Desktop 10.0.x through 10.2.x, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted encrypted e-mail message that decompresses to a larger size.
Max CVSS
5.0
EPSS Score
0.17%
Published
2014-08-22
Updated
2017-08-29
Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.04%
Published
2014-06-21
Updated
2017-01-07
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.
Max CVSS
2.6
EPSS Score
0.31%
Published
2014-04-23
Updated
2014-04-24
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform memory copies, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.
Max CVSS
2.6
EPSS Score
0.31%
Published
2014-04-23
Updated
2014-04-24
Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.
Max CVSS
6.8
EPSS Score
0.04%
Published
2013-08-05
Updated
2013-08-05
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
Max CVSS
4.4
EPSS Score
0.12%
Published
2013-02-18
Updated
2013-02-20
Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application.
Max CVSS
6.9
EPSS Score
0.04%
Published
2013-02-18
Updated
2013-02-18
7 vulnerabilities found