CVE Vulnerabilities

CVE-2014-3431

Published: Jun 21, 2014 | Modified: Jan 07, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:L/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Encryption_desktop Symantec 10.3.0 10.3.0
Encryption_desktop Symantec 10.3.1 10.3.1
Encryption_desktop Symantec 10.3.2 10.3.2
Encryption_desktop Symantec 10.3.2 10.3.2
Pgp_desktop Symantec 10.0.0 10.0.0
Pgp_desktop Symantec 10.0.1 10.0.1
Pgp_desktop Symantec 10.0.2 10.0.2
Pgp_desktop Symantec 10.0.3 10.0.3
Pgp_desktop Symantec 10.1.0 10.1.0
Pgp_desktop Symantec 10.1.1 10.1.1
Pgp_desktop Symantec 10.1.2 10.1.2
Pgp_desktop Symantec 10.2.0 10.2.0
Pgp_desktop Symantec 10.2.1 10.2.1
Pgp_desktop Symantec 10.2.2 10.2.2

References