Insecure Permissions in AOL Client Software 9.0 Allows Arbitrary Code Execution

Insecure Permissions in AOL Client Software 9.0 Allows Arbitrary Code Execution

CVE-2005-2597 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.

Learn more about our User Device Pen Test.