CVE-2006-0858

Name of the Vulnerable Software and Affected Versions StarForce Safe'n'Sec Personal + Anti-Spyware versions 2.0 and earlier

Description The issue is related to an unquoted Windows search path vulnerability in multiple components, including snsmcon.exe, the autostartup mechanism, and an unspecified installation component. This could potentially allow local users to gain privileges by placing a malicious "program" file in the C: folder.

Recommendations For StarForce Safe'n'Sec Personal + Anti-Spyware versions 2.0 and earlier, consider restricting access to the C: folder to prevent malicious files from being placed there, and avoid using the autostartup mechanism until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.