CVE-2005-2597

Name of the Vulnerable Software and Affected Versions AOL Client Software version 9.0

Description The issue allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program due to insecure permissions for its installation path.

Recommendations For AOL Client Software version 9.0, consider restricting access to the installation path to prevent local users from replacing ACSD.exe with a malicious program. As a temporary workaround, monitor the installation directory for any unauthorized changes to the ACSD.exe file until a fix is available.