CVE-2005-2597

Description

AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.

Affected products

• AOL / aol_client_software9.0 – 9.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/24324
• MISChttp://archives.neohapsis.com/archives/ntbugtraq/2005-08/0009.html
• MISChttp://www.securityfocus.com/bid/14530