8753 matches found
CVE-2005-2940
Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 Beta 1 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs 1 GIANTAntiSpywareMain.exe, 2 gcASNotice.exe, 3 gcasServ.exe, 4 gcasSWUpdater.exe, or 5...
CVE-2005-2939
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder...
CVE-2005-3663
Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder...
CVE-2005-2940
CVE-2005-2940 describes an unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1). Local users could gain privileges by placing a malicious file named program.exe in the C: drive, which could be executed by one of several Antispyware components: GIANTAntiSpywareMain....
CVE-2005-2938
CVE-2005-2938 affects Apple iTunes for Windows (iTunesHelper.exe) prior to iTunes 6. The vulnerability is an unquoted Windows search path in iTunesHelper.exe, which could allow a local user to gain privileges by placing a malicious C:\program.exe. Affected versions include iTunes 4.7.1.30 and iTu...
CVE-2005-2940
Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 Beta 1 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs 1 GIANTAntiSpywareMain.exe, 2 gcASNotice.exe, 3 gcasServ.exe, 4 gcasSWUpdater.exe, or 5...
CVE-2005-2939
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder...
CVE-2005-3580
QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...
CVE-2005-3580
QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...
CVE-2005-3581
GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...
CVE-2005-3270
The CVE-2005-3270 entry concerns Symantec Norton AntiVirus 9.0.3 and a DiskMountNotify component. The vulnerability is an untrusted search path that allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file. This is a local privilege escalation i...
Gentoo Linux multiple ports privilege escalation
User from portage group can place dynamic library into search path of vulnerable library. Vulnerable ports are perl, Qt-UnixODBC, CMake...
CVE-2005-2935
Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. NOTE: it is not clear whether this overlaps CVE-2005-2940...
CVE-2005-2811
Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DTRPATH, which could allow local users to gain privileges...
CVE-2005-2811
Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DTRPATH, which could allow local users to gain privileges...
CVE-2005-2811
CVE-2005-2811 describes an untrusted search path (DT_RPATH) vulnerability in Net-SNMP up to version 5.2.1.2 on Gentoo Linux, where certain Perl modules are installed with an insecure DT_RPATH. This could allow a local attacker (non-remote) to gain privileges by influencing the loaded libraries. T...
CVE-2005-2811
Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DTRPATH, which could allow local users to gain privileges...
Cheetah: Untrusted module search path
Background Cheetah is a Python powered template engine and code generator. Description Brian Bird discovered that Cheetah searches for modules in the world-writable /tmp directory. Impact A malicious local user could place a module containing arbitrary code in /tmp, which when imported would run...
CVE-2005-1185
Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe...
CVE-2005-1286
Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process...