CVE-2013-1610 | Vulnerability Database | Aqua Security

Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.

Affected Software

Name	Vendor	Start Version	End Version
Encryption_desktop	Symantec	10.3.0 (including)	10.3.0 (including)
Pgp_desktop	Symantec	10.0.0 (including)	10.0.0 (including)
Pgp_desktop	Symantec	10.0.1 (including)	10.0.1 (including)
Pgp_desktop	Symantec	10.0.2 (including)	10.0.2 (including)
Pgp_desktop	Symantec	10.0.3 (including)	10.0.3 (including)
Pgp_desktop	Symantec	10.1.0 (including)	10.1.0 (including)
Pgp_desktop	Symantec	10.1.1 (including)	10.1.1 (including)
Pgp_desktop	Symantec	10.1.2 (including)	10.1.2 (including)
Pgp_desktop	Symantec	10.2.0 (including)	10.2.0 (including)
Pgp_desktop	Symantec	10.2.1 (including)	10.2.1 (including)
Pgp_desktop	Symantec	10.2.2 (including)	10.2.2 (including)

References

http://www.securityfocus.com/bid/61489
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130801_01

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-1610
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html