1. Home
  2. CVE Database
  3. CVE-2005-2597
HIGH · 7.2

CVE-2005-2597

AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.

Vulnerability Description

AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
AolAol Client Software9.0

References

FAQ

What is CVE-2005-2597?

CVE-2005-2597 is a vulnerability with a CVSS score of 7.2 (HIGH). AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.

How severe is CVE-2005-2597?

CVE-2005-2597 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2005-2597?

Check the references section above for vendor advisories and patch information. Affected products include: Aol Aol Client Software.