CVE-2012-4351

CWE-1893 documents3 sources

Severity

6.9MEDIUM

EPSS

0.1%

top 69.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Encryption Desktop Symantec PGP Desktop

Timeline

PublishedFeb 18

Latest updateMay 17

Description

Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages2 packages

▶NVDsymantec/encryption_desktop10.3.0

▶NVDsymantec/pgp_desktop9 versions+8

🔴Vulnerability Details

GHSA

GHSA-g7wj-jgmc-3fc8: Integer overflow in pgpwded↗2022-05-17

▶

CVEList

CVE-2012-4351: Integer overflow in pgpwded↗2013-02-18

▶