Vulnerability Description
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Pgp Desktop | 10.0.0 |
| Microsoft | Windows 2003 Server | All versions |
| Microsoft | Windows Xp | All versions |
| Symantec | Encryption Desktop | 10.3.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/57835
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
- http://www.securityfocus.com/bid/57835
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
FAQ
What is CVE-2012-6533?
CVE-2012-6533 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
How severe is CVE-2012-6533?
CVE-2012-6533 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6533?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Pgp Desktop, Microsoft Windows 2003 Server, Microsoft Windows Xp, Symantec Encryption Desktop.