World-writable permissions for temporary files in Symantec PGP Desktop 10.x on OS X

World-writable permissions for temporary files in Symantec PGP Desktop 10.x on OS X

CVE-2014-3431 · MEDIUM Severity

AV:L/AC:L/AU:S/C:P/I:P/A:P

Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.

Learn more about our Cis Benchmark Audit For Desktop Software.