Lucene search

[email protected]CVE-2005-1185

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1185

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1185

unquoted search path vulnerability

musicmatch jukebox

privilege escalation

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe.

Affected configurations

NVD

Node

musicmatchjukeboxRange≤10.00.2047

CPENameOperatorVersion
musicmatch:jukeboxmusicmatch jukeboxle10.00.2047

CPE	Name	Operator	Version
musicmatch:jukebox	musicmatch jukebox	le	10.00.2047

References

marc.info/?l=bugtraq&m=111352290711509&w=2

securitytracker.com/id?1013718

www.hyperdose.com/advisories/H2005-05.txt

exchange.xforce.ibmcloud.com/vulnerabilities/20129

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-1185

cvelist1 nvd1 nessus1