CVE-2009-0681

Published Apr 15, 2009

Last updated 6 years ago

CVSS info 7.2

Overview

Description: PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:pgp:desktop:*:-:home:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A96A401-F0D4-4B5B-A54D-81AF805BEA72",
            "versionEndIncluding": "9.9.0"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:*:-:pro:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D13E822C-2401-4BA2-9F58-BA5A65BB5B88",
            "versionEndIncluding": "9.9.0"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:8.0:*:home:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0745A00E-1A44-475D-A39B-6597CDB27AEC"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:8.0:*:pro:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEE891C4-7A40-4FF8-99A6-0CB57653B364"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:9.0:*:home:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1A4562F-4959-44F9-AFEC-21D640E7B640"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:9.0:*:professional:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B5BCE69-AA38-4321-8B95-A3CFDFCBC9E8"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:9.0.6:-:home:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1739BE5D-E639-4835-A080-E7D4B66EEEFB"
          },
          {
            "criteria": "cpe:2.3:a:pgp:desktop:9.0.6:-:pro:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAD65FDF-B51D-4898-8A09-0031BBACE335"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References