Unquoted ImagePath Vulnerability in McAfee VirusScan 4.5
CVE-2000-1128 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
Learn more about our User Device Pen Test.