QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0681

Published: Apr 15, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20090413 [Suspected Spam][Positive Technologies SA 2009-01] PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

http://en.securitylab.ru/lab/PT-2009-01

x_refsource_MISC

https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=1014&p_topview=1

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.