CVE-2008-5731
Severity CVSS v4.0:
Pending analysis
Type:
CWE-399
Resource Management Errors
Publication date:
26/12/2008
Last modified:
09/04/2025
Description
The PGPwded device driver (aka PGPwded.sys) in PGP Corporation PGP Desktop 9.0.6 build 6060 and 9.9.0 build 397 allows local users to cause a denial of service (system crash) and possibly gain privileges via a certain METHOD_BUFFERED IOCTL request that overwrites portions of memory, related to a "Driver Collapse." NOTE: some of these details are obtained from third party information.
Impact
Base Score 2.0
4.90
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:pgp:desktop:9.0.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:pgp:desktop:9.9.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/50914
- http://secunia.com/advisories/33310
- http://securityreason.com/securityalert/4811
- http://www.evilfingers.com/advisory/PGPDesktop_9_0_6_Denial_Of_Service.php
- http://www.evilfingers.com/advisory/PGPDesktop_9_0_6_Denial_Of_Service_POC.php
- http://www.securityfocus.com/archive/1/499572/100/0/threaded
- http://www.securityfocus.com/bid/32991
- http://www.securitytracker.com/id?1021493=
- https://www.exploit-db.com/exploits/7556
- http://osvdb.org/50914
- http://secunia.com/advisories/33310
- http://securityreason.com/securityalert/4811
- http://www.evilfingers.com/advisory/PGPDesktop_9_0_6_Denial_Of_Service.php
- http://www.evilfingers.com/advisory/PGPDesktop_9_0_6_Denial_Of_Service_POC.php
- http://www.securityfocus.com/archive/1/499572/100/0/threaded
- http://www.securityfocus.com/bid/32991
- http://www.securitytracker.com/id?1021493=
- https://www.exploit-db.com/exploits/7556