Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2005-12-22 16:03
Updated : 2017-07-19 18:29
NVD link : CVE-2005-4505
Mitre link : CVE-2005-4505
JSON object : View
CWE
Products Affected
mcafee
- virusscan_enterprise
- common_management_agent