Symantec Encryption Desktop Local Access Elevation of Privilege Vulnerabilities
Medium Nessus Plugin ID 64853
SynopsisThe remote host has an application installed that is affected by multiple privilege escalation vulnerabilities.
DescriptionThe remote host has a version of Symantec Encryption Desktop (formerly PGP Desktop) installed that is affected by two privilege escalation vulnerabilities that can be triggered by exploiting a buffer overflow or integer overflow flaw in 'pgpwded.sys'.
By running a specially crafted program, a local attacker could execute arbitrary code with privileged access.
SolutionApply Symantec Encryption Desktop 10.3.0 maintenance pack 1.