Vulnerability Details CVE-2013-1610
Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/61489
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_01
- http://www.securityfocus.com/bid/61489
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_01
Products affected by CVE-2013-1610
-
cpe:2.3:a:symantec:encryption_desktop:10.3.0
-
cpe:2.3:a:symantec:pgp_desktop:10.0.0
-
cpe:2.3:a:symantec:pgp_desktop:10.0.1
-
cpe:2.3:a:symantec:pgp_desktop:10.0.2
-
cpe:2.3:a:symantec:pgp_desktop:10.0.3
-
cpe:2.3:a:symantec:pgp_desktop:10.1.0
-
cpe:2.3:a:symantec:pgp_desktop:10.1.1
-
cpe:2.3:a:symantec:pgp_desktop:10.1.2
-
cpe:2.3:a:symantec:pgp_desktop:10.2.0
-
cpe:2.3:a:symantec:pgp_desktop:10.2.1
-
cpe:2.3:a:symantec:pgp_desktop:10.2.2