Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1647

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2014-1647
Last Modified 24 Apr 2014 02:06:44
Published 23 Apr 2014 03:55:05
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2014-1647

Summary

Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.

Vulnerable Systems

Application

  • Symantec Encryption Desktop 10.3.0

  • Symantec Encryption Desktop 10.3.1

  • Symantec Encryption Desktop 10.3.2

  • Symantec Pgp Desktop 10.0.0

  • Symantec Pgp Desktop 10.0.1

  • Symantec Pgp Desktop 10.0.2

  • Symantec Pgp Desktop 10.0.3

  • Symantec Pgp Desktop 10.1.0

  • Symantec Pgp Desktop 10.1.1

  • Symantec Pgp Desktop 10.1.2

  • Symantec Pgp Desktop 10.2.0

  • Symantec Pgp Desktop 10.2.1

  • Symantec Pgp Desktop 10.2.2


References

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00

BID - 67020


Last Updated: 27 May 2016 11:05:05