CVE-2013-1610

Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.

Published: Aug 5, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-1610
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:L/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / pgp_desktop	10.2.2	10.2.2.x
symantec / pgp_desktop	10.1.0	10.1.0.x
symantec / pgp_desktop	10.2.0	10.2.0.x
symantec / pgp_desktop	10.1.1	10.1.1.x
symantec / pgp_desktop	10.0.0	10.0.0.x
symantec / pgp_desktop	10.0.2	10.0.2.x
symantec / encryption_desktop	10.3.0	10.3.0.x
symantec / pgp_desktop	10.0.3	10.0.3.x
symantec / pgp_desktop	10.1.2	10.1.2.x
symantec / pgp_desktop	10.0.1	10.0.1.x
symantec / pgp_desktop	10.2.1	10.2.1.x

http://www.securityfocus.com/bid/61489
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130801_01

Vulnerability Database

290,206

CVE-2013-1610