Description
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
Affected products
- McAfee / common_management_agent 3.5 – 3.5
- McAfee / VirusScan Enterprise 8.0i – 8.0i
References
- MISC: http://reedarvin.thearvins.com/20051222-01.html
- MISC: http://www.securityfocus.com/archive/1/420104/100/0/threaded
- MISC: https://exchange.xforce.ibmcloud.com/vulnerabilities/23815
- VENDOR_ADVISORY: http://www.vupen.com/english/advisories/2005/3077
- MISC: http://securitytracker.com/id?1015404
- MISC: http://securityreason.com/securityalert/292
- MISC: http://www.securityfocus.com/bid/16040