Vulnerabilites related to mcafee - internet_security_suite
Vulnerability from fkie_nvd
Published
2005-10-30 14:34
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | internet_security_suite | 7.1.5_version_9.1.08_engine_4.4.00 | |
| mcafee | internet_security_suite | 8.0.0_patch_10_engine_4400 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:internet_security_suite:7.1.5_version_9.1.08_engine_4.4.00:*:*:*:*:*:*:*", matchCriteriaId: "9216BAA4-28B8-420E-8C71-9A38D95BA179", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:8.0.0_patch_10_engine_4400:*:*:*:*:*:*:*", matchCriteriaId: "1D3568D0-B957-4289-AB28-08F4F800F2E7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\"", }, ], id: "CVE-2005-3377", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2005-10-30T14:34:00.000", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=113026417802703&w=2", }, { source: "cve@mitre.org", url: "http://www.securityelf.org/magicbyte.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.securityelf.org/magicbyteadv.html", }, { source: "cve@mitre.org", url: "http://www.securityelf.org/updmagic.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/15189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=113026417802703&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityelf.org/magicbyte.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.securityelf.org/magicbyteadv.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityelf.org/updmagic.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/15189", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-04-30 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:active_virus_defense:*:*:*:*:*:*:*:*", matchCriteriaId: "55875615-29A3-4092-975C-60E9C8FAB03E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:active_virusscan:*:*:*:*:*:*:*:*", matchCriteriaId: "4A14000E-6A4C-474B-A92B-473A0EB0C533", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "35188DE1-99A4-42B1-81C3-E2ECBD589605", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*", matchCriteriaId: "E7C68CA8-9525-4FBA-A873-F17524D3F595", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*", matchCriteriaId: "CB0A7659-25FF-4E18-B2BA-34F6FD6410F6", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*", matchCriteriaId: "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*", matchCriteriaId: "7E69BB96-F48B-43DA-BA7B-530E5148CCC0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2009:*:*:*:*:*:*:*", matchCriteriaId: "B978BD2B-D454-49BB-81A4-EABA14E75600", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:securityshield_for_email_servers:*:*:*:*:*:*:*:*", matchCriteriaId: "AC106925-640E-4318-BDED-A9F904961AE3", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:securityshield_for_microsoft_isa_server:*:*:*:*:*:*:*:*", matchCriteriaId: "53275048-EE57-4204-86FA-BC6B8D5D614F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:securityshield_for_microsoft_sharepoint:*:*:*:*:*:*:*:*", matchCriteriaId: "5E7A0A32-C1B6-465D-ABB3-156C570A0E5B", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:total_protection:2009:*:*:*:*:*:*:*", matchCriteriaId: "B3C7EE0B-F166-478E-B800-B4D429B26F93", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:total_protection_for_endpoint:*:*:*:*:*:*:*:*", matchCriteriaId: "0CD4E524-C466-4FB5-92FD-7EDAEEAE1F6D", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_commandline:*:*:*:*:*:*:*:*", matchCriteriaId: "F1FAB752-311E-4594-AE25-34BD02844578", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "E0BCC0FD-E09A-495A-926A-FE080BE46A20", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:linux:*:*:*:*:*", matchCriteriaId: "316D3C1B-D7E4-4FA9-B5CD-72D18BE775EE", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:sap:*:*:*:*:*", matchCriteriaId: "C64CDC92-E9CD-446A-9ADE-B10A28E20A3B", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:storage:*:*:*:*:*", matchCriteriaId: "019C46AA-7537-4930-BDC8-8EA0F6C5A216", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_plus:2009:*:*:*:*:*:*:*", matchCriteriaId: "2B4CF979-7A55-4712-9B48-D885B746B62F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_usb:*:*:*:*:*:*:*:*", matchCriteriaId: "42D0FC30-BAA5-4677-A3E5-C7A6DEB8BE0E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.", }, { lang: "es", value: "El AV engine antes de DAT 5600 en McAfee VirusScan, Total Protection, Internet Security, SecurityShield para Microsoft ISA Server, Security para Microsoft Sharepoint, Security para Email Servers, Email Gateway, y Active Virus Defense permite a atacantes remotos eludir la detección de virus a través de (1) un campo Headflags inválido de un archivo RAR malformado, (2) un campo Packsize inválido de un archivo RAR malformado, o (3) un campo Filelength de un archivo ZIP malformado.", }, ], id: "CVE-2009-1348", lastModified: "2025-04-09T00:30:58.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2009-04-30T20:30:00.467", references: [ { source: "cve@mitre.org", url: "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34949", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/503173/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/34780", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34949", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/503173/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/34780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2005-04-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | internet_security_suite | 2005 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*", matchCriteriaId: "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.", }, ], id: "CVE-2005-1107", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-04-18T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.idefense.com/application/poi/display?id=233&type=vulnerabilities", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.idefense.com/application/poi/display?id=233&type=vulnerabilities", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-08-01 21:04
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | antispyware | 2005 | |
| mcafee | antispyware | 2006 | |
| mcafee | internet_security_suite | 2004 | |
| mcafee | internet_security_suite | 2005 | |
| mcafee | internet_security_suite | 2006 | |
| mcafee | personal_firewall_plus | 2004 | |
| mcafee | personal_firewall_plus | 2005 | |
| mcafee | personal_firewall_plus | 2006 | |
| mcafee | privacy_service | 2004 | |
| mcafee | privacy_service | 2005 | |
| mcafee | privacy_service | 2006 | |
| mcafee | quickclean | 2004 | |
| mcafee | quickclean | 2005 | |
| mcafee | quickclean | 2006 | |
| mcafee | security_center | 4.3 | |
| mcafee | security_center | 6.0 | |
| mcafee | security_center | 6.0.22 | |
| mcafee | security_center | 6.0.23 | |
| mcafee | spamkiller | 5.0 | |
| mcafee | spamkiller | 6.0 | |
| mcafee | spamkiller | 7.0 | |
| mcafee | virusscan | 2004 | |
| mcafee | virusscan | 2005 | |
| mcafee | virusscan | 2006 | |
| mcafee | wireless_home_network_security | 2006 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:antispyware:2005:*:*:*:*:*:*:*", matchCriteriaId: "B862ADF2-A544-4729-9EE4-D140C58D6AEB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:antispyware:2006:*:*:*:*:*:*:*", matchCriteriaId: "5350EE37-53D7-4DFB-84FC-0FA6A7C1C123", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*", matchCriteriaId: "CB0A7659-25FF-4E18-B2BA-34F6FD6410F6", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*", matchCriteriaId: "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*", matchCriteriaId: "7E69BB96-F48B-43DA-BA7B-530E5148CCC0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:personal_firewall_plus:2004:*:*:*:*:*:*:*", matchCriteriaId: "1F3E0836-557F-46C8-BBDE-955D3AEBB6B3", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:personal_firewall_plus:2005:*:*:*:*:*:*:*", matchCriteriaId: "5F62AF06-16DD-4C6C-BD48-BFA08629739C", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:personal_firewall_plus:2006:*:*:*:*:*:*:*", matchCriteriaId: "134C4C4F-92A0-4B89-B06A-4FB8D9513AFE", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:privacy_service:2004:*:*:*:*:*:*:*", matchCriteriaId: "0F945365-B065-44A6-8CEC-2CBCE4DD23C4", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:privacy_service:2005:*:*:*:*:*:*:*", matchCriteriaId: "DB1AC389-8BBF-4784-ABCD-99E379AC6B75", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:privacy_service:2006:*:*:*:*:*:*:*", matchCriteriaId: "8E03296D-5FC1-450D-BC05-6F6E9A90CF77", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:quickclean:2004:*:*:*:*:*:*:*", matchCriteriaId: "931427A2-B69B-4418-8374-854A5F9420DE", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:quickclean:2005:*:*:*:*:*:*:*", matchCriteriaId: "E19A9E38-E637-487A-BC06-F0CA6481E7EB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:quickclean:2006:*:*:*:*:*:*:*", matchCriteriaId: "AE3B1863-DBB3-4458-899B-CEEAD9275B17", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*", matchCriteriaId: "DD547C9C-9D50-49ED-8EFE-1DD7484DDED5", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*", matchCriteriaId: "210F5447-4FC7-4278-9F2A-C64BBB5A86DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*", matchCriteriaId: "BECBD40D-ACBD-4E88-B230-ECFE98FD9F5D", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:security_center:6.0.23:*:*:*:*:*:*:*", matchCriteriaId: "A82098C7-30FE-464E-891F-868A0209D9DB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:spamkiller:5.0:*:*:*:*:*:*:*", matchCriteriaId: "0652B16C-7D9A-4743-AB54-6F205CA1E76D", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:spamkiller:6.0:*:*:*:*:*:*:*", matchCriteriaId: "6CBC8F91-2534-4DAC-BDE3-AE49E19A6A8E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:spamkiller:7.0:*:*:*:*:*:*:*", matchCriteriaId: "5B33F2AC-4BBE-4DE0-A61E-378972011BB0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*", matchCriteriaId: "4D9B7B07-E3EF-4185-927C-CE308829B9A1", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*", matchCriteriaId: "F58D6A2F-AC08-4C1D-9ABF-4D675A1E87AC", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan:2006:*:*:*:*:*:*:*", matchCriteriaId: "9E96246D-3184-4BBB-8675-9B1CBE0B977C", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:wireless_home_network_security:2006:*:*:*:*:*:*:*", matchCriteriaId: "3B3DC47F-853B-44B0-BD8B-C2EE4530B333", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.", }, { lang: "es", value: "Desbordamiento de búfer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, y QuickClean permite a atacantes con la intervención del usuario ejecutar comandos de su elección a través de paráametros string, los cuales son posteriormente usados en vsprintf.", }, ], id: "CVE-2006-3961", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2006-08-01T21:04:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/21264", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1016614", }, { source: "cve@mitre.org", url: "http://ts.mcafeehelp.com/faq3.asp?docid=407052", }, { source: "cve@mitre.org", url: "http://www.eeye.com/html/research/advisories/AD2006807.html", }, { source: "cve@mitre.org", url: "http://www.eeye.com/html/research/upcoming/20060719.html", }, { source: "cve@mitre.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/481212", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/27698", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/442495/100/100/threaded", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/19265", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2006/3096", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/21264", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1016614", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ts.mcafeehelp.com/faq3.asp?docid=407052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.eeye.com/html/research/advisories/AD2006807.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.eeye.com/html/research/upcoming/20060719.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/481212", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/27698", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/442495/100/100/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/19265", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2006/3096", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-10-20 14:07
Modified
2025-04-09 00:30
Severity ?
Summary
McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | internet_security_suite | * | |
| mcafee | network_agent | 1.0.178.0 | |
| mcafee | personal_firewall_plus | * | |
| mcafee | virusscan | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*", matchCriteriaId: "E7C68CA8-9525-4FBA-A873-F17524D3F595", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:network_agent:1.0.178.0:*:*:*:*:*:*:*", matchCriteriaId: "CBB41A7D-90D1-4B5F-9DF5-24908F04B9B3", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:personal_firewall_plus:*:*:*:*:*:*:*:*", matchCriteriaId: "47CA26D8-35B1-458C-A9CA-60B033992520", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan:*:*:*:*:*:*:*:*", matchCriteriaId: "3B6140F3-9135-4490-A2A2-F8D0A1FEF8C2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.", }, { lang: "es", value: "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, según lo utilizado por múltiples productos McAfee posiblemente incluyendo Internet Security Suite, Personal Firewall Plus, y VirusScan, permiten a un atacante remoto provocar denegación de servicio (caida del agente) a través de un gran paquete, posiblemente a causa de un valor de posición de cadena inválido. NOTA: algunos de los detalles de esta información se obtuvieron de terceros.", }, ], id: "CVE-2006-5417", lastModified: "2025-04-09T00:30:58.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-10-20T14:07:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22371", }, { source: "cve@mitre.org", url: "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/1750", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1017057", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/448546/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/20496", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/22371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/1750", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1017057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/448546/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/20496", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
CVE-2005-1107 (GCVE-0-2005-1107)
Vulnerability from cvelistv5
Published
2005-04-18 04:00
Modified
2024-09-16 18:49
Severity ?
EPSS score ?
Summary
McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.idefense.com/application/poi/display?id=233&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:35:59.935Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred", ], url: "http://www.idefense.com/application/poi/display?id=233&type=vulnerabilities", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-04-18T04:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability", tags: [ "third-party-advisory", "x_refsource_IDEFENSE", ], url: "http://www.idefense.com/application/poi/display?id=233&type=vulnerabilities", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-1107", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability", refsource: "IDEFENSE", url: "http://www.idefense.com/application/poi/display?id=233&type=vulnerabilities", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-1107", datePublished: "2005-04-18T04:00:00Z", dateReserved: "2005-04-14T00:00:00Z", dateUpdated: "2024-09-16T18:49:37.632Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2006-5417 (GCVE-0-2006-5417)
Vulnerability from cvelistv5
Published
2006-10-20 10:00
Modified
2024-08-07 19:48
Severity ?
EPSS score ?
Summary
McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/448546/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1017057 | vdb-entry, x_refsource_SECTRACK | |
| http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/20496 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29501 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/22371 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityreason.com/securityalert/1750 | third-party-advisory, x_refsource_SREASON |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T19:48:30.217Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/448546/100/0/threaded", }, { name: "1017057", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1017057", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", }, { name: "20496", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/20496", }, { name: "mcafee-mcnasvc-dos(29501)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501", }, { name: "22371", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/22371", }, { name: "1750", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/1750", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-10-12T00:00:00", descriptions: [ { lang: "en", value: "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-17T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/448546/100/0/threaded", }, { name: "1017057", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1017057", }, { tags: [ "x_refsource_MISC", ], url: "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", }, { name: "20496", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/20496", }, { name: "mcafee-mcnasvc-dos(29501)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501", }, { name: "22371", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/22371", }, { name: "1750", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/1750", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-5417", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/448546/100/0/threaded", }, { name: "1017057", refsource: "SECTRACK", url: "http://securitytracker.com/id?1017057", }, { name: "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", refsource: "MISC", url: "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html", }, { name: "20496", refsource: "BID", url: "http://www.securityfocus.com/bid/20496", }, { name: "mcafee-mcnasvc-dos(29501)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501", }, { name: "22371", refsource: "SECUNIA", url: "http://secunia.com/advisories/22371", }, { name: "1750", refsource: "SREASON", url: "http://securityreason.com/securityalert/1750", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-5417", datePublished: "2006-10-20T10:00:00", dateReserved: "2006-10-19T00:00:00", dateUpdated: "2024-08-07T19:48:30.217Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2006-3961 (GCVE-0-2006-3961)
Vulnerability from cvelistv5
Published
2006-08-01 21:00
Modified
2024-08-07 18:48
Severity ?
EPSS score ?
Summary
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/19265 | vdb-entry, x_refsource_BID | |
| http://www.eeye.com/html/research/upcoming/20060719.html | x_refsource_MISC | |
| http://securitytracker.com/id?1016614 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/442495/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/27698 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2006/3096 | vdb-entry, x_refsource_VUPEN | |
| http://www.eeye.com/html/research/advisories/AD2006807.html | x_refsource_MISC | |
| http://ts.mcafeehelp.com/faq3.asp?docid=407052 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/21264 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/481212 | third-party-advisory, x_refsource_CERT-VN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T18:48:39.348Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "19265", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/19265", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.eeye.com/html/research/upcoming/20060719.html", }, { name: "1016614", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1016614", }, { name: "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/442495/100/100/threaded", }, { name: "27698", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/27698", }, { name: "ADV-2006-3096", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/3096", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.eeye.com/html/research/advisories/AD2006807.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ts.mcafeehelp.com/faq3.asp?docid=407052", }, { name: "21264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/21264", }, { name: "VU#481212", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/481212", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-07-31T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-17T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "19265", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/19265", }, { tags: [ "x_refsource_MISC", ], url: "http://www.eeye.com/html/research/upcoming/20060719.html", }, { name: "1016614", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1016614", }, { name: "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/442495/100/100/threaded", }, { name: "27698", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/27698", }, { name: "ADV-2006-3096", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/3096", }, { tags: [ "x_refsource_MISC", ], url: "http://www.eeye.com/html/research/advisories/AD2006807.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://ts.mcafeehelp.com/faq3.asp?docid=407052", }, { name: "21264", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/21264", }, { name: "VU#481212", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/481212", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-3961", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "19265", refsource: "BID", url: "http://www.securityfocus.com/bid/19265", }, { name: "http://www.eeye.com/html/research/upcoming/20060719.html", refsource: "MISC", url: "http://www.eeye.com/html/research/upcoming/20060719.html", }, { name: "1016614", refsource: "SECTRACK", url: "http://securitytracker.com/id?1016614", }, { name: "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/442495/100/100/threaded", }, { name: "27698", refsource: "OSVDB", url: "http://www.osvdb.org/27698", }, { name: "ADV-2006-3096", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/3096", }, { name: "http://www.eeye.com/html/research/advisories/AD2006807.html", refsource: "MISC", url: "http://www.eeye.com/html/research/advisories/AD2006807.html", }, { name: "http://ts.mcafeehelp.com/faq3.asp?docid=407052", refsource: "CONFIRM", url: "http://ts.mcafeehelp.com/faq3.asp?docid=407052", }, { name: "21264", refsource: "SECUNIA", url: "http://secunia.com/advisories/21264", }, { name: "VU#481212", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/481212", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-3961", datePublished: "2006-08-01T21:00:00", dateReserved: "2006-08-01T00:00:00", dateUpdated: "2024-08-07T18:48:39.348Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2009-1348 (GCVE-0-2009-1348)
Vulnerability from cvelistv5
Published
2009-04-30 20:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/503173/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT | x_refsource_CONFIRM | |
| http://secunia.com/advisories/34949 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/34780 | vdb-entry, x_refsource_BID | |
| http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T05:13:24.691Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/503173/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", }, { name: "34949", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34949", }, { name: "34780", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34780", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-04-30T00:00:00", descriptions: [ { lang: "en", value: "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/503173/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", }, { name: "34949", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34949", }, { name: "34780", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34780", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-1348", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/503173/100/0/threaded", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", }, { name: "34949", refsource: "SECUNIA", url: "http://secunia.com/advisories/34949", }, { name: "34780", refsource: "BID", url: "http://www.securityfocus.com/bid/34780", }, { name: "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", refsource: "MISC", url: "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-1348", datePublished: "2009-04-30T20:00:00", dateReserved: "2009-04-20T00:00:00", dateUpdated: "2024-08-07T05:13:24.691Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2005-3377 (GCVE-0-2005-3377)
Vulnerability from cvelistv5
Published
2005-10-29 19:00
Modified
2024-08-07 23:10
Severity ?
EPSS score ?
Summary
Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/15189 | vdb-entry, x_refsource_BID | |
| http://www.securityelf.org/magicbyte.html | x_refsource_MISC | |
| http://www.securityelf.org/magicbyteadv.html | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=113026417802703&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityelf.org/updmagic.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:10:08.603Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "15189", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/15189", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.securityelf.org/magicbyte.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.securityelf.org/magicbyteadv.html", }, { name: "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=113026417802703&w=2", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.securityelf.org/updmagic.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-10-25T00:00:00", descriptions: [ { lang: "en", value: "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-10-17T13:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "15189", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/15189", }, { tags: [ "x_refsource_MISC", ], url: "http://www.securityelf.org/magicbyte.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.securityelf.org/magicbyteadv.html", }, { name: "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=113026417802703&w=2", }, { tags: [ "x_refsource_MISC", ], url: "http://www.securityelf.org/updmagic.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-3377", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "15189", refsource: "BID", url: "http://www.securityfocus.com/bid/15189", }, { name: "http://www.securityelf.org/magicbyte.html", refsource: "MISC", url: "http://www.securityelf.org/magicbyte.html", }, { name: "http://www.securityelf.org/magicbyteadv.html", refsource: "MISC", url: "http://www.securityelf.org/magicbyteadv.html", }, { name: "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=113026417802703&w=2", }, { name: "http://www.securityelf.org/updmagic.html", refsource: "MISC", url: "http://www.securityelf.org/updmagic.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-3377", datePublished: "2005-10-29T19:00:00", dateReserved: "2005-10-29T00:00:00", dateUpdated: "2024-08-07T23:10:08.603Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }