CVE-2006-3457 Information

Description

Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157 and the Virtual Desktop module in Symantec On-Demand Protection (SODP) before 2.6 Build 2233 do not properly encrypt files that are subject to policy-based automatic encryption which might allow local users to read sensitive data via an unspecified decryption method.

Reference

http://secunia.com/advisories/21280 http://securitytracker.com/id?1016619 http://www.securityfocus.com/archive/1/441850/100/0/threaded http://www.securityfocus.com/bid/19248 http://www.symantec.com/avcenter/security/Content/2006.08.01a.html http://www.vupen.com/english/advisories/2006/3097 https://exchange.xforce.ibmcloud.com/vulnerabilities/28181