4.3

CVE-2014-3431

Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.

Data is provided by the National Vulnerability Database (NVD)
SymantecEncryption Desktop Version10.3.0 SwEditionprofessional
   ApplemacOS X
SymantecEncryption Desktop Version10.3.1 SwEditionprofessional
   ApplemacOS X
SymantecEncryption Desktop Version10.3.2 Update- SwEditionprofessional
   ApplemacOS X
SymantecEncryption Desktop Version10.3.2 Updatemp1 SwEditionprofessional
   ApplemacOS X
SymantecPgp Desktop Version10.0.0
   ApplemacOS X
SymantecPgp Desktop Version10.0.1
   ApplemacOS X
SymantecPgp Desktop Version10.0.2
   ApplemacOS X
SymantecPgp Desktop Version10.0.3
   ApplemacOS X
SymantecPgp Desktop Version10.1.0
   ApplemacOS X
SymantecPgp Desktop Version10.1.1
   ApplemacOS X
SymantecPgp Desktop Version10.1.2
   ApplemacOS X
SymantecPgp Desktop Version10.2.0
   ApplemacOS X
SymantecPgp Desktop Version10.2.1
   ApplemacOS X
SymantecPgp Desktop Version10.2.2
   ApplemacOS X
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.04% 0.078
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 3.1 6.4
AV:L/AC:L/Au:S/C:P/I:P/A:P