U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): unquoted search path
  • Search Type: Search All
There are 99 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2015-8156

Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

Published: May 13, 2016; 9:59:00 PM -0400
V3.0: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2015-7866

Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to gain privileges via a Trojan horse application, as demonstrated by C:\Program.exe.

Published: November 24, 2015; 3:59:12 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-4173

Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

Published: August 26, 2015; 3:59:06 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2015-3987

Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors.

Published: May 14, 2015; 10:59:14 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2015-1484

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

Published: April 22, 2015; 6:59:00 AM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2015-2789

Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder.

Published: March 30, 2015; 10:59:09 AM -0400
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2015-0884

Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Published: February 27, 2015; 9:59:33 PM -0500
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2014-9646

Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Google Chrome before 40.0.2214.91 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% directory, as demonstrated by program.exe, a different vulnerability than CVE-2015-1205.

Published: January 27, 2015; 2:59:11 PM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2014-4634

Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Published: December 30, 2014; 10:59:01 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2014-5455

Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.

Published: August 25, 2014; 12:55:04 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2014-0759

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Published: February 28, 2014; 1:18:54 AM -0500
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-2152

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

Published: January 21, 2014; 1:55:09 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2151

Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.

Published: January 21, 2014; 1:55:09 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-5011

Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.

Published: January 10, 2014; 11:47:05 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-6182

Unquoted Windows search path vulnerability in EMC Replication Manager before 5.5 allows local users to gain privileges via a crafted application in a parent directory of an intended directory.

Published: December 27, 2013; 11:53:06 PM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2231

Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Linux Desktop 6, HPC Node 6, Server 6, Workstation 6, Desktop Supplementary 6, Server Supplementary 6, Supplementary AUS 6.4, Supplementary EUS 6.4.z, and Workstation Supplementary 6, when installing on Windows, allows local users to gain privileges via a crafted program in an unspecified folder.

Published: October 01, 2013; 1:55:03 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-2176

Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse application.

Published: August 28, 2013; 5:55:08 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-1610

Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.

Published: August 05, 2013; 9:22:52 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-1092

Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe.

Published: May 05, 2013; 7:07:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-1609

Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.

Published: March 26, 2013; 10:07:27 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM