PT-2009-01: PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities

Affected Software

PGP Desktop 9.9.0 build 397
Product Link: http://www.pgp.com

Vulnerability Description

Positive Technologies Research Team has discovered several vulnerabilities in PGP Desktop.

1. The IOCTL handler in pgpdisk.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system.

   Severity Rating:
   Severity: Medium
   Impact: Denial of Service
   Attack Vector: Local
   CVSS v2 Base Score: 4.9
   Temporal Score: 3.8
   Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C)
   CVE: CVE-2009-0681

2. The IOCTL handler in pgpwded.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system or execute arbitrary code with SYSTEM privileges.

   Severity Rating:
   Severity: Medium
   Impact: Privilege Escalation
   Attack Vector: Local
   CVSS v2 Base Score: 6.2
   Temporal Score: 4.9
   Vector: (AV:L/AC:H/Au:N/C:C/I:C/A:C/E:P/RL:O/RC:C)
   CVE: CVE-2009-0681

Solution

Update to the latest product version: PGP Desktop 9.10
http://www.pgp.com
https://pgp.custhelp.com/cgi-bin/pgp.cfg/php/enduser/std_adp.php?p_faqid=1014&p_topview=1

Disclosure Timeline

02.04.2009 - Vendor notified
02.04.2008 - Vendor replied
02.04.2008 - Sent detailed information
04.02.2009 - Vendor released fixed versions
04.13.2009 - Public disclosure

Credits

These vulnerabilities were discovered by Nikita Tarakanov, Positive Technologies Research Team.

References

http://en.securitylab.ru/lab/PT-2009-01
http://www.ptsecurity.ru/advisory.asp

Complete list of vulnerability reports published by Positive Technologies Research Team:
http://en.securitylab.ru/lab/
http://www.ptsecurity.ru/advisory.asp