CVE-2005-4505

Name of the Vulnerable Software and Affected Versions McAfee VirusScan Enterprise version 8.0i (patch 11) CMA version 3.5 (patch 5)

Description The issue allows local users to potentially gain privileges through a malicious file. This occurs when naPrdMgr.exe attempts to execute EntVUtil.EXE under an unquoted "Program Files" path, and a malicious "program.exe" file is placed in the C: folder.

Recommendations For McAfee VirusScan Enterprise version 8.0i (patch 11), consider updating to a newer version that quotes the Windows search path to prevent malicious file execution. For CMA version 3.5 (patch 5), consider updating to a newer version that quotes the Windows search path to prevent malicious file execution. As a temporary workaround, consider restricting write access to the C: folder to minimize the risk of exploitation.