CVE-2005-4505

Currently unrated

Key Information:

Vendor: Mcafee
Status: Common Management Agent; Virusscan Enterprise
Vendor: CVE Published:; 23 December 2005

Summary

Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.

References

http://reedarvin.thearvins.com/20051222-01.html

x_refsource_MISC

http://www.securityfocus.com/archive/1/420104/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/23815

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 23, 2005
Vulnerability Reserved
Dec 22, 2005