Published: 23/12/2005 Updated: 20/07/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mcafee common management agent 3.5
mcafee virusscan enterprise 8.0i

source: wwwsecurityfocuscom/bid/16040/info McAfee VirusScan is prone to a vulnerability that could allow an arbitrary file to be executed The 'naPrdMgrexe' process calls applications without using properly quoted paths Successful exploitation may allow local attackers to gain elevated privileges McAfee VirusScan Enterprise 80i (pat ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/420104/100/0/threaded http://www.securityfocus.com/bid/16040 http://reedarvin.thearvins.com/20051222-01.html http://securitytracker.com/id?1015404 http://securityreason.com/securityalert/292 http://www.vupen.com/english/advisories/2005/3077 https://exchange.xforce.ibmcloud.com/vulnerabilities/23815 https://nvd.nist.gov https://www.exploit-db.com/exploits/26970/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-4505

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect