CVE-2005-2940 Information

Description

Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1) might allow local users to gain privileges via a malicious \program.exe\ file in the C: folder involving the programs (1) GIANTAntiSpywareMain.exe (2) gcASNotice.exe (3) gcasServ.exe (4) gcasSWUpdater.exe or (5) GIANTAntiSpywareUpdater.exe. NOTE: it is not clear whether this overlaps CVE-2005-2935.

Reference

http://securitytracker.com/id?1015226 http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities http://www.securityfocus.com/bid/15448