CVE-2009-0681
Published Apr 15, 2009
Last updated 6 years ago
Overview
- Description
- PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pgp:desktop:*:-:home:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A96A401-F0D4-4B5B-A54D-81AF805BEA72",
"versionEndIncluding": "9.9.0"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:*:-:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D13E822C-2401-4BA2-9F58-BA5A65BB5B88",
"versionEndIncluding": "9.9.0"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:8.0:*:home:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0745A00E-1A44-475D-A39B-6597CDB27AEC"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:8.0:*:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEE891C4-7A40-4FF8-99A6-0CB57653B364"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:9.0:*:home:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1A4562F-4959-44F9-AFEC-21D640E7B640"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:9.0:*:professional:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B5BCE69-AA38-4321-8B95-A3CFDFCBC9E8"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:9.0.6:-:home:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1739BE5D-E639-4835-A080-E7D4B66EEEFB"
},
{
"criteria": "cpe:2.3:a:pgp:desktop:9.0.6:-:pro:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAD65FDF-B51D-4898-8A09-0031BBACE335"
}
],
"operator": "OR"
}
]
}
]