Unquoted Search Path Vulnerability in Microsoft AntiSpyware
CVE-2005-2935
Currently unrated
What is CVE-2005-2935?
A vulnerability exists in Microsoft AntiSpyware due to an unquoted Windows search path. This flaw allows local users to potentially execute arbitrary code by placing a malicious executable file at a specific path. When Microsoft AntiSpyware runs its main executable (AntiSpywareMain.exe), it might inadvertently execute a crafted c:\program.exe file as it looks for the gsasDtServ.exe service. This vulnerability can pose security risks, making it crucial for users to determine whether they are affected and apply necessary mitigations.