CVE-2005-2938

UNKNOWN

Unquoted Windows search path vulnerability in iTunesHelper

Published Nov 18, 2005

Modified 1 years ago

Details

Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file.

References

WEB

http://securitytracker.com/id?1015222

ADVISORY

http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities

WEB

http://www.vupen.com/english/advisories/2005/2443

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2005-2938

CVSS Analysis

CVSS v2.0

7.2

Exploitability

Access Vector

LocalAV:L

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

CompleteC:C

Integrity

CompleteI:C

Availability

CompleteA:C

7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C

Ecosystems

Timeline

PublishedNov 18, 2005

ModifiedAug 7, 2024