Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3582

Overview

Vulnerability Score 2.9 2.9
CVE Id CVE-2012-3582
Last Modified 13 Feb 2013 11:55:01
Published 04 Sep 2012 07:04:49
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector ADJACENT_NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3582

Summary

Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.

Vulnerable Systems

Application

  • Symantec Pgp Universal Server 3.2.0

  • Symantec Pgp Universal Server 3.2.1


References

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120830_00

BID - 55246

SECTRACK - 1027467


Last Updated: 27 May 2016 11:00:27