AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/24324http://archives.neohapsis.com/archives/ntbugtraq/2005-08/0009.htmlhttp://www.securityfocus.com/bid/14530
