Lucene search

[email protected]CVE-2005-1286

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1286

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1286

bitdefender

vulnerability

windows

search path

local users

execution paths

security

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.

Affected configurations

NVD

Node

softwinbitdefender_antivirusMatchprofessional_plus_8

softwinbitdefender_antivirusMatchstandard_8

CPENameOperatorVersion
softwin:bitdefender_antivirussoftwin bitdefender antiviruseqprofessional_plus_8
softwin:bitdefender_antivirussoftwin bitdefender antiviruseqstandard_8

CPE	Name	Operator	Version
softwin:bitdefender_antivirus	softwin bitdefender antivirus	eq	professional_plus_8
softwin:bitdefender_antivirus	softwin bitdefender antivirus	eq	standard_8

References

marc.info/?l=bugtraq&m=111420400316397&w=2

secunia.com/advisories/15076

www.osvdb.org/15818

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2005-1286

cvelist1 nvd1