Symantec PGP Universal Server Private Key Information Disclosure Vulnerability


This allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user’s session.


The original article can be found at:


Vulnerable Systems:
 * Symantec Pgp Universal Server 3.2.0 and prior

Symantec PGP Universal Server does not properly manage sessions that include key search requests.

Patch Availability:

CVE Information:

Disclosure Timeline:
Publish Date : 2012-09-13
Last Update Date : 2012-09-21

Categories: News