CVE-2014-1647

Name of the Vulnerable Software and Affected Versions Symantec PGP Desktop versions 10.0.x through 10.2.x Symantec Encryption Desktop Professional versions 10.3.x before 10.3.2 MP1

Description The issue is related to the improper performance of block-data moves, which can be exploited by remote attackers using a malformed certificate. This exploitation can cause a denial of service, resulting in a read access violation and application crash.

Recommendations For Symantec PGP Desktop versions 10.0.x through 10.2.x, update to a version outside of the affected range to resolve the issue. For Symantec Encryption Desktop Professional versions 10.3.x before 10.3.2 MP1, update to version 10.3.2 MP1 or later to fix the problem.