Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0759

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2014-0759
Last Modified 28 Feb 2014 12:16:12
Published 28 Feb 2014 01:18:54
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0759

Summary

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

Vulnerable Systems

Application

  • Schneider-electric Floating License Manager 1.0.0

  • Schneider-electric Floating License Manager 1.4.0


References

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-14-058-01

CONFIRM - http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-015-01


Last Updated: 27 May 2016 10:47:32