Vigil@nce - Symantec PGP, Encryption Desktop: privilege elevation
March 2013 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can exploit two vulnerabilities in Symantec
PGP/Encryption Desktop to execute code with system privileges.
Impacted products: Symantec Encryption Desktop, PGP Desktop
Severity: 2/4
Creation date: 15/02/2013
DESCRIPTION OF THE VULNERABILITY
The Symantec PGP/Encryption Desktop product installs the
pgpwded.sys driver. However, this driver is impacted by two
vulnerabilities.
An attacker can trigger an integer overflow. [severity:2/4;
BID-57170, CVE-2012-4351]
On Windows XP/2003, an attacker can trigger a buffer overflow.
[severity:2/4; BID-57835, CVE-2012-4352-ERROR, CVE-2012-6533]
A local attacker can therefore exploit two vulnerabilities in
Symantec PGP/Encryption Desktop to execute code with system
privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Symantec-PGP-Encryption-Desktop-privilege-elevation-12429