PT-2012-4828 · Symantec · Symantec Pgp Universal Server
Published
2012-09-04
·
Updated
2013-02-14
·
CVE-2012-3582
CVSS v2.0
2.9
Low
| Vector | AV:A/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Symantec PGP Universal Server versions 3.2.x through 3.2.1 MP1
Description
The issue arises from improper session management, specifically with key search requests. This could potentially allow remote attackers to read a private key under certain circumstances by making a request near the end of a user's session.
Recommendations
For Symantec PGP Universal Server versions 3.2.x through 3.2.1 MP1, update to version 3.2.1 MP2 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Symantec Pgp Universal Server