CVE-2009-0681

PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pgp:desktop:*:-:home:*:*:*:*:*
cpe:2.3:a:pgp:desktop:*:-:pro:*:*:*:*:*
cpe:2.3:a:pgp:desktop:8.0:*:home:*:*:*:*:*
cpe:2.3:a:pgp:desktop:8.0:*:pro:*:*:*:*:*
cpe:2.3:a:pgp:desktop:9.0:*:home:*:*:*:*:*
cpe:2.3:a:pgp:desktop:9.0:*:professional:*:*:*:*:*
cpe:2.3:a:pgp:desktop:9.0.6:-:home:*:*:*:*:*
cpe:2.3:a:pgp:desktop:9.0.6:-:pro:*:*:*:*:*

History

No history.

Information

Published : 2009-04-15 10:30

Updated : 2024-02-04 17:33


NVD link : CVE-2009-0681

Mitre link : CVE-2009-0681

CVE.ORG link : CVE-2009-0681


JSON object : View

Products Affected

pgp

  • desktop
CWE
CWE-20

Improper Input Validation