Vulnerability Description
Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. NOTE: it is not clear whether this overlaps CVE-2005-2940.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Antispyware | All versions |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033909.htmlExploit
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033910.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033909.htmlExploit
- http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033910.html
FAQ
What is CVE-2005-2935?
CVE-2005-2935 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to...
How severe is CVE-2005-2935?
CVE-2005-2935 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2935?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Antispyware.