Vulnerabilities > CVE-2005-2935 - Local Security vulnerability in Microsoft AntiSpyware

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

microsoft

NVD

Published: 2005-09-15

Updated: 2008-09-05

Summary

Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. NOTE: it is not clear whether this overlaps CVE-2005-2940.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Antispyware *	1

References

http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033909.html
http://lists.grok.org.uk/pipermail/full-disclosure/2005-May/033910.html