← CVECheck
HomeVulnerabilities

CVE-2000-1128 — MEDIUM severity vulnerability (The default configuration of McAfee VirusScan 4.5 does not q)

The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.

CVE IDCVE-2000-1128
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-01-09
Last modified2026-04-16
DescriptionThe default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →