← Back

CVE-2014-3431

nvd nist
Published: Jun 21, 2014Modified: May 6, 2026

JSON object

Loading...
4.3
Vector
AV:L/AC:L/Au:S/C:P/I:P/A:P
Exploitability: 3.1 / Impact: 6.4
Source: NVD

Description

Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.

Affected (14)

Symantec
2 products
Encryption Desktop
Pgp Desktop
Configuration A
14 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Symantec
Encryption Desktop
Version 10.3.0
Encryption Desktop
Version 10.3.1
Encryption Desktop
Version 10.3.2
Encryption Desktop
Version 10.3.2 mp1
Symantec
Pgp Desktop
Version 10.0.0
Pgp Desktop
Version 10.0.1
Pgp Desktop
Version 10.0.2
Pgp Desktop
Version 10.0.3
Pgp Desktop
Version 10.1.0
Pgp Desktop
Version 10.1.1
Pgp Desktop
Version 10.1.2
Pgp Desktop
Version 10.2.0
Pgp Desktop
Version 10.2.1
Pgp Desktop
Version 10.2.2
Running on/withPlatform Versions
Apple
Mac Os X
All versions

Related CWEs

CWE-264
CWE-264

References (8)

Source: secure@symantec.com
Source: secure@symantec.com
Source: secure@symantec.com
Source: secure@symantec.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.