CVE-2005-2938

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2005-2938
Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities Vendor Advisory
http://securitytracker.com/id?1015222
http://www.vupen.com/english/advisories/2005/2443 Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:itunes:5.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.7.1.30:*:*:*:*:*:*:*
Information

Published : 2005-11-17 22:03

Updated : 2011-03-09 21:00

NVD link : CVE-2005-2938

Mitre link : CVE-2005-2938

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

apple

  • itunes