PT-2005-4420 · Kaspersky+1 · Kaspersky Anti-Virus+1

Published

2005-11-18

Updated

2011-03-08

CVE-2005-3663

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus version 5.0

Description The issue is related to an unquoted Windows search path vulnerability. It might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.

Recommendations For Kaspersky Anti-Virus version 5.0, consider quoting the Windows search path to prevent malicious files from being executed. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3663

Affected Products

Kaspersky Anti-Virus

Windows

PT-2005-4420 · Kaspersky+1 · Kaspersky Anti-Virus+1

CVE-2005-3663

Related Identifiers

Affected Products

References · 4