All the vulnerabilites related to mcafee - virusscan_enterprise
cve-2016-8030
Vulnerability from cvelistv5
Published
2017-04-25 16:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/98041 | vdb-entry, x_refsource_BID | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10194 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee | VirusScan Enterprise |
Version: 8.8 Patch 8 and earlier |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise",
"vendor": "McAfee",
"versions": [
{
"status": "affected",
"version": "8.8 Patch 8 and earlier"
}
]
}
],
"datePublic": "2017-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-28T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "98041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise",
"version": {
"version_data": [
{
"version_value": "8.8 Patch 8 and earlier"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A memory corruption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98041"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8030",
"datePublished": "2017-04-25T16:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8019
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting (XSS) vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8019",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8577
Vulnerability from cvelistv5
Published
2015-12-16 18:00
Modified
2024-08-06 08:20
Severity ?
EPSS score ?
Summary
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/78810 | vdb-entry, x_refsource_BID | |
| http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/ | x_refsource_MISC | |
| http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations | x_refsource_MISC | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10142 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:43.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "78810",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/78810"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-11T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "78810",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/78810"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78810"
},
{
"name": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/",
"refsource": "MISC",
"url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"name": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations",
"refsource": "MISC",
"url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10142",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8577",
"datePublished": "2015-12-16T18:00:00",
"dateReserved": "2015-12-16T00:00:00",
"dateUpdated": "2024-08-06T08:20:43.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-5143
Vulnerability from cvelistv5
Published
2012-08-22 10:00
Modified
2024-09-17 00:06
Severity ?
EPSS score ?
Summary
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10014 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-22T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10014",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5143",
"datePublished": "2012-08-22T10:00:00Z",
"dateReserved": "2012-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T00:06:40.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7280
Vulnerability from cvelistv5
Published
2020-06-10 11:52
Modified
2024-09-16 16:53
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM | |
| https://www.zerodayinitiative.com/advisories/ZDI-20-702/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee, LLC | McAfee VirusScan Enterprise (VSE) |
Version: 8.8.x < 8.8 Patch 15 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 15",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Glennlloyd working with Trend Micro\u0027s Zero Day Initiative for reporting this flaw."
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T11:06:04",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Symbolic Link vulnerability during DAT update",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2020-7280",
"STATE": "PUBLIC",
"TITLE": "Symbolic Link vulnerability during DAT update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 15"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Glennlloyd working with Trend Micro\u0027s Zero Day Initiative for reporting this flaw."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7280",
"datePublished": "2020-06-10T11:52:43.610724Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T16:53:22.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8021
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper verification of cryptographic signature vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper verification of cryptographic signature vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8021",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7337
Vulnerability from cvelistv5
Published
2020-12-09 08:40
Modified
2024-09-16 18:18
Severity ?
EPSS score ?
Summary
Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10338 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee, LLC | VirusScan Enterprise (VSE) |
Version: 8.8.x < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:49.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThanOrEqual": "patch 15",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:40:14",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Incorrect Permission Assignment for Critical Resource",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-12-08T00:00:00.000Z",
"ID": "CVE-2020-7337",
"STATE": "PUBLIC",
"TITLE": "Incorrect Permission Assignment for Critical Resource"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "8.8.x",
"version_value": "patch 15"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7337",
"datePublished": "2020-12-09T08:40:14.736661Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T18:18:07.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8024
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper neutralization of CRLF sequences in HTTP headers vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8024",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3984
Vulnerability from cvelistv5
Published
2016-04-08 15:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Mar/13 | mailing-list, x_refsource_FULLDISC | |
| http://lab.mediaservice.net/advisory/2016-01-mcafee.txt | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39531/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securitytracker.com/id/1035130 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10151 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160304 McAfee VirusScan Enterprise security restrictions bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"name": "39531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"name": "1035130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-14T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160304 McAfee VirusScan Enterprise security restrictions bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"name": "39531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"name": "1035130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160304 McAfee VirusScan Enterprise security restrictions bypass",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"name": "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt",
"refsource": "MISC",
"url": "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"name": "39531",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"name": "1035130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035130"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3984",
"datePublished": "2016-04-08T15:00:00",
"dateReserved": "2016-04-08T00:00:00",
"dateUpdated": "2024-08-06T00:10:31.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7267
Vulnerability from cvelistv5
Published
2020-05-08 12:25
Modified
2024-09-17 02:51
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10316 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee,LLC | McAfee VirusScan Enterprise (VSE) for Linux |
Version: 2.0.x < 2.0.3 Hotfix 2635000 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE) for Linux",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "2.0.3 Hotfix 2635000",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"datePublic": "2020-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T12:25:14",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation vulnerability through symbolic links in VSEL",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-05-07T00:00:00.000Z",
"ID": "CVE-2020-7267",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation vulnerability through symbolic links in VSEL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE) for Linux",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.0.x",
"version_value": "2.0.3 Hotfix 2635000"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7267",
"datePublished": "2020-05-08T12:25:14.793515Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T02:51:54.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8017
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Special element injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Special element injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8017",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8025
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL injection vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8025",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8018
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery (CSRF) vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8018",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7266
Vulnerability from cvelistv5
Published
2020-05-08 11:55
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10316 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee,LLC | McAfee VirusScan Enterprise (VSE) for Windows |
Version: 8.8.x < 8.8 Patch 14 Hotfix 116778 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE) for Windows",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "8.8 Patch 14 Hotfix 116778",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"datePublic": "2020-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T11:55:13",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation vulnerability through symbolic links in VSE for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-05-07T00:00:00.000Z",
"ID": "CVE-2020-7266",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation vulnerability through symbolic links in VSE for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE) for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14 Hotfix 116778"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7266",
"datePublished": "2020-05-08T11:55:14.049262Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T04:04:21.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4505
Vulnerability from cvelistv5
Published
2005-12-23 00:00
Modified
2024-08-07 23:46
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
References
| ▼ | URL | Tags |
|---|---|---|
| http://reedarvin.thearvins.com/20051222-01.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/420104/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/23815 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2005/3077 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015404 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/292 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/16040 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://reedarvin.thearvins.com/20051222-01.html",
"refsource": "MISC",
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4505",
"datePublished": "2005-12-23T00:00:00",
"dateReserved": "2005-12-22T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5118
Vulnerability from cvelistv5
Published
2012-08-22 10:00
Modified
2024-08-07 07:32
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10013 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/78448 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.394Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013"
},
{
"name": "mcafee-virusscan-trojan-priv-esc(78448)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78448"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013"
},
{
"name": "mcafee-virusscan-trojan-priv-esc(78448)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78448"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013"
},
{
"name": "mcafee-virusscan-trojan-priv-esc(78448)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78448"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5118",
"datePublished": "2012-08-22T10:00:00",
"dateReserved": "2012-08-22T00:00:00",
"dateUpdated": "2024-08-07T07:32:22.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2152
Vulnerability from cvelistv5
Published
2007-04-19 10:00
Modified
2024-08-07 13:23
Severity ?
EPSS score ?
Summary
Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.vupen.com/english/advisories/2007/1435 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33732 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/24914 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1017928 | vdb-entry, x_refsource_SECTRACK | |
| https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750&command=show&forward=nonthreadedKC | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/324929 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/23543 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:50.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070417 McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515"
},
{
"name": "ADV-2007-1435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1435"
},
{
"name": "mcafee-onaccess-bo(33732)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33732"
},
{
"name": "24914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24914"
},
{
"name": "1017928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017928"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC"
},
{
"name": "VU#324929",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/324929"
},
{
"name": "23543",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23543"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070417 McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515"
},
{
"name": "ADV-2007-1435",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1435"
},
{
"name": "mcafee-onaccess-bo(33732)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33732"
},
{
"name": "24914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24914"
},
{
"name": "1017928",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017928"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC"
},
{
"name": "VU#324929",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/324929"
},
{
"name": "23543",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23543"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070417 McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515"
},
{
"name": "ADV-2007-1435",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1435"
},
{
"name": "mcafee-onaccess-bo(33732)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33732"
},
{
"name": "24914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24914"
},
{
"name": "1017928",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017928"
},
{
"name": "https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC"
},
{
"name": "VU#324929",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/324929"
},
{
"name": "23543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23543"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2152",
"datePublished": "2007-04-19T10:00:00",
"dateReserved": "2007-04-19T00:00:00",
"dateUpdated": "2024-08-07T13:23:50.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8020
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper control of generation of code vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper control of generation of code vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8020",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-3588
Vulnerability from cvelistv5
Published
2020-06-10 11:47
Modified
2024-09-16 20:37
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee, LLC | McAfee VirusScan Enterprise (VSE) |
Version: 8.8.x < 8.8 Patch 14 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 14",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T16:25:02",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Using VSE to bypass Windows Credentials on Lock screen",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2019-3588",
"STATE": "PUBLIC",
"TITLE": "Using VSE to bypass Windows Credentials on Lock screen"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3588",
"datePublished": "2020-06-10T11:47:44.182315Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T20:37:00.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4886
Vulnerability from cvelistv5
Published
2006-09-19 21:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/1605 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/archive/1/446220/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28971 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1605",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1605"
},
{
"name": "20060915 McAfee VirusScan Enterprise - disabling the client side \"On-Access Scan\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446220/100/0/threaded"
},
{
"name": "mcafee-virusscan-onaccess-security-bypass(28971)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28971"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1605",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1605"
},
{
"name": "20060915 McAfee VirusScan Enterprise - disabling the client side \"On-Access Scan\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446220/100/0/threaded"
},
{
"name": "mcafee-virusscan-onaccess-security-bypass(28971)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28971"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1605",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1605"
},
{
"name": "20060915 McAfee VirusScan Enterprise - disabling the client side \"On-Access Scan\"",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446220/100/0/threaded"
},
{
"name": "mcafee-virusscan-onaccess-security-bypass(28971)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28971"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4886",
"datePublished": "2006-09-19T21:00:00",
"dateReserved": "2006-09-19T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8023
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass by assumed-immutable data vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass by assumed-immutable data vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8023",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3496
Vulnerability from cvelistv5
Published
2012-08-22 10:00
Modified
2024-09-16 22:21
Severity ?
EPSS score ?
Summary
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/514356 | mailing-list, x_refsource_BUGTRAQ | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10012 | x_refsource_CONFIRM | |
| http://www.n00bz.net/antivirus-cve | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:44.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20101018 Antivirus detection after malware execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514356"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10012"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.n00bz.net/antivirus-cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-22T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20101018 Antivirus detection after malware execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514356"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10012"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.n00bz.net/antivirus-cve"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3496",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20101018 Antivirus detection after malware execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514356"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10012",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10012"
},
{
"name": "http://www.n00bz.net/antivirus-cve",
"refsource": "MISC",
"url": "http://www.n00bz.net/antivirus-cve"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3496",
"datePublished": "2012-08-22T10:00:00Z",
"dateReserved": "2010-09-24T00:00:00Z",
"dateUpdated": "2024-09-16T22:21:18.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1538
Vulnerability from cvelistv5
Published
2007-03-20 22:00
Modified
2024-08-07 12:59
Severity ?
EPSS score ?
Summary
McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/33800 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/463187/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html | x_refsource_MISC | |
| http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/463074/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/463091/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1017791 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33800",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33800"
},
{
"name": "20070319 RE: Bypassing Mcafee Entreprise Password Protection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"
},
{
"name": "20070317 Bypassing Mcafee Entreprise Password Protection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"
},
{
"name": "20070317 Re: Bypassing Mcafee Entreprise Password Protection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"
},
{
"name": "1017791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection or (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33800",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33800"
},
{
"name": "20070319 RE: Bypassing Mcafee Entreprise Password Protection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"
},
{
"name": "20070317 Bypassing Mcafee Entreprise Password Protection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"
},
{
"name": "20070317 Re: Bypassing Mcafee Entreprise Password Protection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"
},
{
"name": "1017791",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017791"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection or (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33800",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33800"
},
{
"name": "20070319 RE: Bypassing Mcafee Entreprise Password Protection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"
},
{
"name": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html",
"refsource": "MISC",
"url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"
},
{
"name": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html",
"refsource": "MISC",
"url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"
},
{
"name": "20070317 Bypassing Mcafee Entreprise Password Protection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"
},
{
"name": "20070317 Re: Bypassing Mcafee Entreprise Password Protection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"
},
{
"name": "1017791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1538",
"datePublished": "2007-03-20T22:00:00",
"dateReserved": "2007-03-20T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1348
Vulnerability from cvelistv5
Published
2009-04-30 20:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/503173/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT | x_refsource_CONFIRM | |
| http://secunia.com/advisories/34949 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/34780 | vdb-entry, x_refsource_BID | |
| http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:24.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
},
{
"name": "34949",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34949"
},
{
"name": "34780",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34780"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
},
{
"name": "34949",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34949"
},
{
"name": "34780",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34780"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
},
{
"name": "34949",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34949"
},
{
"name": "34780",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34780"
},
{
"name": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html",
"refsource": "MISC",
"url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1348",
"datePublished": "2009-04-30T20:00:00",
"dateReserved": "2009-04-20T00:00:00",
"dateUpdated": "2024-08-07T05:13:24.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-3585
Vulnerability from cvelistv5
Published
2020-06-10 11:42
Modified
2024-09-16 16:38
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee, LLC | McAfee VirusScan Enterprise (VSE) |
Version: 8.8.x < 8.8 Patch 14 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 14",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T16:24:19",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "VSE Escalation of Privileges through Alert pop-up window",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2019-3585",
"STATE": "PUBLIC",
"TITLE": "VSE Escalation of Privileges through Alert pop-up window"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3585",
"datePublished": "2020-06-10T11:42:46.145910Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T16:38:13.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4534
Vulnerability from cvelistv5
Published
2016-05-05 18:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2016/Mar/13 | mailing-list, x_refsource_FULLDISC | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10158 | x_refsource_CONFIRM | |
| https://lab.mediaservice.net/advisory/2016-01-mcafee.txt | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39531/ | exploit, x_refsource_EXPLOIT-DB | |
| http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html | x_refsource_MISC | |
| http://www.securitytracker.com/id/1035754 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf"
},
{
"name": "20160304 McAfee VirusScan Enterprise security restrictions bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10158"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"name": "39531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html"
},
{
"name": "1035754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035754"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf"
},
{
"name": "20160304 McAfee VirusScan Enterprise security restrictions bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10158"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"name": "39531",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html"
},
{
"name": "1035754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035754"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4534",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf"
},
{
"name": "20160304 McAfee VirusScan Enterprise security restrictions bypass",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10158",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10158"
},
{
"name": "https://lab.mediaservice.net/advisory/2016-01-mcafee.txt",
"refsource": "MISC",
"url": "https://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"name": "39531",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"name": "http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html"
},
{
"name": "1035754",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035754"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4534",
"datePublished": "2016-05-05T18:00:00",
"dateReserved": "2016-05-05T00:00:00",
"dateUpdated": "2024-08-06T00:32:25.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8022
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.654Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass by spoofing vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass by spoofing vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8022",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-6674
Vulnerability from cvelistv5
Published
2018-05-25 13:00
Modified
2024-08-05 06:10
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10237 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | McAfee, LLC | VirusScan Enterprise (VSE) |
Version: 8.8 < 8.8 Patch 13 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": " VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 13",
"status": "affected",
"version": "8.8",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "Permissions, Privileges, and Access Control (CWE-264)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "Privilege Escalation (CWE-274)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Data Leakage via Privilege Escalation (CWE-269)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-12T13:52:38",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"source": {
"advisory": "SB10237",
"discovery": "EXTERNAL"
},
"title": "Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2018-6674",
"STATE": "PUBLIC",
"TITLE": "Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "8.8",
"version_value": "8.8 Patch 13"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permissions, Privileges, and Access Control (CWE-264)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation (CWE-274)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Data Leakage via Privilege Escalation (CWE-269)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
]
},
"source": {
"advisory": "SB10237",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6674",
"datePublished": "2018-05-25T13:00:00",
"dateReserved": "2018-02-06T00:00:00",
"dateUpdated": "2024-08-05T06:10:10.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-8016
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94823 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037433 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10181 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40911/ | exploit, x_refsource_EXPLOIT-DB |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Intel | VirusScan Enterprise Linux (VSEL) |
Version: 2.0.3 (and earlier) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise Linux (VSEL)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "2.0.3 (and earlier)"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information exposure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "94823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037433"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise Linux (VSEL)",
"version": {
"version_data": [
{
"version_value": "2.0.3 (and earlier)"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"name": "1037433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"name": "40911",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40911/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8016",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-04-19 10:19
Modified
2024-11-21 00:30
Severity ?
Summary
Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:p11:*:*:*:*:*:*",
"matchCriteriaId": "B7CA025C-B879-412C-8994-38066C5997E9",
"versionEndIncluding": "8.0i",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en On-Access Scanner de McAfee VirusScan Enterprise versiones anteriores a 8.0i Patch 12, permite a atacantes remotos con la complicidad del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante un nombre de fichero largo conteniendo caracteres multi-byte (Unicode)."
}
],
"evaluatorSolution": "The vendor has addressed this issue with the following product update:\r\nhttps://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC",
"id": "CVE-2007-2152",
"lastModified": "2024-11-21T00:30:02.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-04-19T10:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24914"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/324929"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23543"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017928"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1435"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33732"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/324929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750\u0026command=show\u0026forward=nonthreadedKC"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
},
{
"lang": "es",
"value": "Vulnerabilidad de verificaci\u00f3n inapropiada de firma criptogr\u00e1fica en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios remotos autenticados suplantar el servidor de actualizaci\u00f3n y ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de entrada manipulado."
}
],
"id": "CVE-2016-8021",
"lastModified": "2024-11-21T02:58:54.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.023",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-22 10:42
Modified
2024-11-21 01:22
Severity ?
Summary
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * | |
| mcafee | virusscan_enterprise | 8.0i | |
| mcafee | virusscan_enterprise | 8.0i | |
| mcafee | virusscan_enterprise | 8.5i | |
| mcafee | virusscan_enterprise | 8.6.0 | |
| mcafee | virusscan_enterprise | 8.7.00003 | |
| mcafee | virusscan_enterprise | 8.7.00004 | |
| mcafee | virusscan_enterprise | 8.7i |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A659C5B-D327-4DFA-AB42-12914286D4CE",
"versionEndIncluding": "8.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.0i:*:*:*:*:*:*:*",
"matchCriteriaId": "D02695D4-0A62-4365-BC21-C20A44C093C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.0i:p11:*:*:*:*:*:*",
"matchCriteriaId": "435524F4-62F0-40A7-A214-F0C83145B70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.5i:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64274E-B544-4818-BE30-906B2576AC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "386B89C4-C160-4A60-9088-DFF3B481C1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.7.00003:*:*:*:*:*:*:*",
"matchCriteriaId": "E814F83E-7AA1-480F-B220-EC2C3CF0898A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.7.00004:*:*:*:*:*:*:*",
"matchCriteriaId": "02A93CAB-2ED7-455A-93D1-5A1FD84DAFDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.7i:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0337CC-0F2B-4840-843C-5FCC89D7FD8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module."
},
{
"lang": "es",
"value": "McAfee VirusScan Enterprise antes de v8.8 permite a los usuarios locales desactivar el producto aprovech\u00e1ndose de privilegios de administrador para ejecutar un m\u00f3dulo de Metasploit Framework no especificado.\r\n"
}
],
"id": "CVE-2010-5143",
"lastModified": "2024-11-21T01:22:33.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-22T10:42:04.240",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10014"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en atributos en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos no autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una entrada de usuario manipulada."
}
],
"id": "CVE-2016-8019",
"lastModified": "2024-11-21T02:58:54.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.947",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de elementos especiales en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados leer archivos en el servidor web a trav\u00e9s de una entrada de usuario manipulada."
}
],
"id": "CVE-2016-8017",
"lastModified": "2024-11-21T02:58:54.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.883",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-08 15:59
Modified
2024-11-21 02:51
Severity ?
Summary
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | active_response | * | |
| mcafee | agent | * | |
| mcafee | data_exchange_layer | * | |
| mcafee | data_loss_prevention_endpoint | * | |
| mcafee | data_loss_prevention_endpoint | * | |
| mcafee | endpoint_security | * | |
| mcafee | host_intrusion_prevention | * | |
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:active_response:*:*:*:*:*:*:*:*",
"matchCriteriaId": "543B3BBE-A5D5-4EC9-BBDE-646EC654CB43",
"versionEndIncluding": "1.1.0.158",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "988ACD16-D8B6-4934-9653-4E10857BFA83",
"versionEndIncluding": "5.0.2.285",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBBB9A7-B7D6-4A59-85CA-A4C840BB9B24",
"versionEndIncluding": "2.0.0.430.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:p5:*:*:*:*:*:*",
"matchCriteriaId": "BC49C347-3C2B-4A2B-BA39-22E70ED3F835",
"versionEndIncluding": "9.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:p1_hf2:*:*:*:*:*:*",
"matchCriteriaId": "68E9052A-ACB0-4791-AFEB-98DBBF537A5B",
"versionEndIncluding": "9.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "997552D0-C322-4E13-8944-C6E56428EE33",
"versionEndIncluding": "10.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:*:p6:*:*:*:*:*:*",
"matchCriteriaId": "EED9A958-538B-4B25-9696-6850508D8D54",
"versionEndIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:p6:*:*:*:*:*:*",
"matchCriteriaId": "EDF04428-E664-4922-B950-DB61BE5AD13F",
"versionEndIncluding": "8.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys."
},
{
"lang": "es",
"value": "El McAfee VirusScan Console (mcconsol.exe) en McAfee Active Response (MAR) en versiones anteriores a 1.1.0.161, Agent (MA) 5.x en versiones anteriores a 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) en versiones anteriores a 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Device Control (MDC) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Endpoint Security (ENS) 10.x en versiones anteriores a 10.1, Host Intrusion Prevention Service (IPS) 8.0 en versiones anteriores a 8.0.0.3624 y VirusScan Enterprise (VSE) 8.8 en versiones anteriores a P7 (8.8.0.1528) en Windows permite a administradores locales eludir las reglas destinadas a la autoprotecci\u00f3n y desactivar el motor del antivirus modificando claves de registro."
}
],
"id": "CVE-2016-3984",
"lastModified": "2024-11-21T02:51:05.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-08T15:59:10.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035130"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/39531/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-10 12:15
Modified
2024-11-21 05:36
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch14:*:*:*:windows:*:*",
"matchCriteriaId": "B1DDC36E-F911-4F57-9302-10DF03CE7A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalada de privilegios durante las actualizaciones de DAT diarias cuando se usa McAfee Virus Scan Enterprise (VSE) versiones anteriores a 8.8 Parche 15, permite a usuarios locales causar la eliminaci\u00f3n y creaci\u00f3n de archivos para los que normalmente no tendr\u00edan permiso al alterar el objetivo de los enlaces simb\u00f3licos. Esto es dependiente de la sincronizaci\u00f3n"
}
],
"id": "CVE-2020-7280",
"lastModified": "2024-11-21T05:36:58.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T12:15:11.493",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "trellixpsirt@trellix.com",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
},
{
"lang": "es",
"value": "Vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n por datos supuestos inmutables en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados eludir autenticaci\u00f3n del servidor trav\u00e9s de una cookie de autenticaci\u00f3n manipulada."
}
],
"id": "CVE-2016-8023",
"lastModified": "2024-11-21T02:58:54.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.057",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-25 16:59
Modified
2024-11-21 02:58
Severity ?
Summary
A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.securityfocus.com/bid/98041 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10194 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98041 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10194 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:patch8:*:*:*:*:*:*",
"matchCriteriaId": "BE2EE2C2-35B5-4C37-A7EC-38EBE6ADC033",
"versionEndIncluding": "8.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria en el objeto Scriptscan COM en McAfee VirusScan Enterprise 8.8 El parche 8 y versiones anteriores permite a los atacantes remotos crear una denegaci\u00f3n de servicio en la pesta\u00f1a activa de Internet Explorer a trav\u00e9s de un enlace HTML."
}
],
"id": "CVE-2016-8030",
"lastModified": "2024-11-21T02:58:55.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-25T16:59:00.197",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-08 13:15
Modified
2024-11-21 05:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en McAfee VirusScan Enterprise (VSE) para Linux versiones anteriores a 2.0.3 Hotfix 2635000, permite a usuarios locales eliminar archivos a los que de otro modo no tendr\u00edan acceso por medio de la manipulaci\u00f3n de enlaces simb\u00f3licos para redireccionar una acci\u00f3n de eliminaci\u00f3n de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecuci\u00f3n de un script o programa malicioso en el m\u00e1quina objetivo."
}
],
"id": "CVE-2020-7267",
"lastModified": "2024-11-21T05:36:57.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-08T13:15:11.183",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-19 21:07
Modified
2024-11-21 00:17
Severity ?
Summary
The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | scan_engine | 4.4.00 | |
| mcafee | virusscan_enterprise | 7.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:4.4.00:*:*:*:*:*:*:*",
"matchCriteriaId": "DBD1ABAD-780A-49A7-AD1A-1B8E9BFB644D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E797D6C7-39FE-4A2D-B1CF-32FE75DBB8E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition."
},
{
"lang": "es",
"value": "El componente VirusScan On-Access Scan en McAfee VirusScan Enterprise 7.1.0 y Scan Engine 4.4.00 permite a usuarios locales con privilegios evitar restricciones de seguridad y desactivar la opci\u00f3n On-Access Scan abriendo el programa desde la barra de tareas y haciendo clic r\u00e1pidamente en el bot\u00f3n Disable, posiblemente debido a una \"race condition\" relacionada con la interfaz."
}
],
"id": "CVE-2006-4886",
"lastModified": "2024-11-21T00:17:01.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-19T21:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1605"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/446220/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/446220/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28971"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios remotos autenticados obtener informaci\u00f3n del producto a trav\u00e9s del par\u00e1metro de petici\u00f3n HTTP manipulado."
}
],
"id": "CVE-2016-8025",
"lastModified": "2024-11-21T02:58:55.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.7,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.133",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-20 22:19
Modified
2024-11-21 00:28
Severity ?
Summary
McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.5i |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.5i:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64274E-B544-4818-BE30-906B2576AC3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection or (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product"
},
{
"lang": "es",
"value": "** IMPUGNADA ** McAfee VirusScan Enterprise 8.5.0.i utiliza permisos inseguros para ciertas claves del registro de Windows, lo cual permite a usuarios locales evitar la protecci\u00f3n local de contrase\u00f1as mediante el valor UIP en (1) HKEY_LOCAL_MACHINE\\SOFTWARE\\McAfee\\DesktopProtection o (2) HKEY_LOCAL_MACHINE\\SOFTWARE\\Network Associates\\TVD\\VirusScan Entreprise\\CurrentVersion. NOTA: este asunto ha sido impugnado por investigadores de una tercera parte, afirmando que los permisos por defecto para HKEY_LOCAL_MACHINE\\SOFTWARE no permiten la escritura y el producto no modifica los permisos heredados. Podr\u00eda haber un error de interacci\u00f3n con otro producto."
}
],
"id": "CVE-2007-1538",
"lastModified": "2024-11-21T00:28:33.897",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-20T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"
},
{
"source": "cve@mitre.org",
"url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/33800"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/33800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/463074/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/463091/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/463187/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017791"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-08 12:15
Modified
2024-11-21 05:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * | |
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "90B7841B-A356-4FEC-9BFA-80ADC4E476FB",
"versionEndExcluding": "1.9.2",
"versionStartIncluding": "1.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "783E4E02-0CAF-4575-AEC1-A115D0BC3471",
"versionEndExcluding": "2.0.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en McAfee VirusScan Enterprise (VSE) para Windows versiones anteriores a 8.8 Parche 14 Hotfix 116778, permite a usuarios locales eliminar archivos a los que de otro modo el usuario no tendr\u00eda acceso por medio de la manipulaci\u00f3n de enlaces simb\u00f3licos para redireccionar una acci\u00f3n de eliminaci\u00f3n de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecuci\u00f3n de un script o programa malicioso en la m\u00e1quina objetivo."
}
],
"id": "CVE-2020-7266",
"lastModified": "2024-11-21T05:36:57.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-08T12:15:12.207",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-23 00:03
Modified
2024-11-21 00:04
Severity ?
Summary
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | common_management_agent | 3.5 | |
| mcafee | virusscan_enterprise | 8.0i |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:common_management_agent:3.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "877F58FB-FAA7-4A01-8F04-E813C51BD710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.0i:p11:*:*:*:*:*:*",
"matchCriteriaId": "435524F4-62F0-40A7-A214-F0C83145B70B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
],
"id": "CVE-2005-4505",
"lastModified": "2024-11-21T00:04:25.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-23T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/292"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015404"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16040"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-16 18:59
Modified
2024-11-21 02:38
Severity ?
Summary
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD85F94E-9E5C-4FDD-B852-751C4DCC74B6",
"versionEndIncluding": "8.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors."
},
{
"lang": "es",
"value": "La funcionalidad Buffer Overflow Protection (BOP) en McAfee VirusScan Enterprise en versiones anteriores a 8.8 Patch 6 asigna la memoria con permisos Read, Write, Execute (RWX) en direcciones predecibles en plataformas de 32-bits cuando est\u00e1 protegiendo otra aplicaci\u00f3n, lo que permite a atacantes eludir los mecanismos de protecci\u00f3n DEP y ASLR a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-8577",
"lastModified": "2024-11-21T02:38:46.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-12-16T18:59:00.123",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"source": "cve@mitre.org",
"url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/78810"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/78810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10142"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter."
},
{
"lang": "es",
"value": "Exposici\u00f3n de informaci\u00f3n en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados obtener la existencia de archivos no autorizados en el sistema a trav\u00e9s de un par\u00e1metro de URL."
}
],
"id": "CVE-2016-8016",
"lastModified": "2024-11-21T02:58:54.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.7,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.853",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados ejecutar comandos no autorizados a trav\u00e9s de una entrada de usuario manipulada."
}
],
"id": "CVE-2016-8018",
"lastModified": "2024-11-21T02:58:54.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.917",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-10 12:15
Modified
2024-11-21 04:42
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en el cliente (McTray.exe) de Microsoft Windows en McAfee VirusScan Enterprise (VSE) versi\u00f3n 8.8 anterior al parche 14 puede permitir que los usuarios locales interact\u00faen con On-Access Scan Messages - Threat Alert Window con privilegios elevados mediante la ejecuci\u00f3n de McAfee Tray con privilegios elevados"
}
],
"id": "CVE-2019-3585",
"lastModified": "2024-11-21T04:42:13.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T12:15:11.057",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
},
{
"lang": "es",
"value": "Vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n mediante suplantaci\u00f3n de identidad en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n del servicio a trav\u00e9s de una cookie de autenticaci\u00f3n manipulada."
}
],
"id": "CVE-2016-8022",
"lastModified": "2024-11-21T02:58:54.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.040",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-09 09:15
Modified
2024-11-21 05:37
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "324B63C7-6AA0-4943-935E-85A1F949C509",
"versionEndExcluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:*:*:*",
"matchCriteriaId": "739CE02A-E38F-4B8E-8902-FB6C6DF0C2D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:*:*:*",
"matchCriteriaId": "1D14CEFB-F8A2-4E07-8248-C8DDE8665EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:*:*:*",
"matchCriteriaId": "CA1D6C3D-0496-43DB-85EF-0F9801F8DD54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:*:*:*",
"matchCriteriaId": "586B2C78-640C-475F-9ED3-ECDA83F8B26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:*:*:*",
"matchCriteriaId": "BE55ECB6-2B28-4A1A-A8BA-17ADFB97D61A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:*:*:*",
"matchCriteriaId": "9C79BC0A-E955-4170-AE0C-E6868FF38E92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch14:*:*:*:*:*:*",
"matchCriteriaId": "6E87B844-7FE9-4AB6-8E09-B22A9419079A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch15:*:*:*:*:*:*",
"matchCriteriaId": "C2F27699-3594-4B59-891E-0241AE13D7E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D5550350-5035-41AB-BCD0-D24E669839C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:*:*:*",
"matchCriteriaId": "E7DF43DB-F296-4D0E-89F0-B807DBC750C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:*:*:*",
"matchCriteriaId": "4095418F-39EF-4A47-BCBA-BEE0B81B4E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:*:*:*",
"matchCriteriaId": "441512BE-F8A5-4690-9005-DCAB0EE86CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:*:*:*",
"matchCriteriaId": "04273536-A593-4439-9325-1C57BAAB60D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:*:*:*",
"matchCriteriaId": "CC9F3CB2-5A92-4EBB-B109-44690EE096FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:*:*:*",
"matchCriteriaId": "5AE7C3D5-9771-40A9-B7A3-37EFEFC9FD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:*:*:*",
"matchCriteriaId": "61ADDBB0-F71D-46D1-9DB5-38905954C33A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Asignaci\u00f3n de Permisos Incorrecta de Recursos Cr\u00edticos en McAfee VirusScan Enterprise (VSE) versiones anteriores a 8.8 Parche 16 permite a administradores locales omitir la protecci\u00f3n de seguridad local por medio de VSE que no se integra correctamente con Windows Defender Application Control mediante la manipulaci\u00f3n cuidadosa de las comprobaciones de Integridad del C\u00f3digo"
}
],
"id": "CVE-2020-7337",
"lastModified": "2024-11-21T05:37:05.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-09T09:15:13.200",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n inapropiada de secuencias CRLF en cabeceras HTTP en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados obtener informaci\u00f3n sensible a trav\u00e9s de la suplantaci\u00f3n de la respuesta HTTP del servidor."
}
],
"id": "CVE-2016-8024",
"lastModified": "2024-11-21T02:58:55.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.087",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-113"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-10 12:15
Modified
2024-11-21 04:42
Severity ?
6.3 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en el cliente (McTray.exe) de Microsoft Windows en McAfee VirusScan Enterprise (VSE) versi\u00f3n 8.8 anterior al Parche 14 puede permitir que usuarios no autorizados interact\u00faen con On-Access Scan Messages - Threat Alert Window cuando la Pantalla de Inicio de Sesi\u00f3n de Windows est\u00e1 bloqueada"
}
],
"id": "CVE-2019-3588",
"lastModified": "2024-11-21T04:42:13.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T12:15:11.167",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-05 18:59
Modified
2024-11-21 02:52
Severity ?
Summary
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8.0 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "610253E5-E519-42DB-9A60-0385099D1AA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles."
},
{
"lang": "es",
"value": "La McAfee VirusScan Console (mcconsol.exe) en McAfee VirusScan Enterprise 8.8.0 en versiones anteriores a Hotfix 1123565 (8.8.0.1546) sobre Windows permite a administradores locales eludir reglas destinadas a la autoprotecci\u00f3n y desbloquear la ventana de consola cerrando handles de registro."
}
],
"id": "CVE-2016-4534",
"lastModified": "2024-11-21T02:52:25.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.0,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-05T18:59:12.867",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1035754"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10158"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/39531/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2016/Mar/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://lab.mediaservice.net/advisory/2016-01-mcafee.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.exploit-db.com/exploits/39531/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-25 13:29
Modified
2024-11-21 04:11
Severity ?
6.8 (Medium) - CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
3.9 (Low) - CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
3.9 (Low) - CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "610253E5-E519-42DB-9A60-0385099D1AA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
},
{
"lang": "es",
"value": "Vulnerabilidad de escalada de privilegios en el cliente (McTray.exe) de Microsoft Windows en VirusScan Enterprise (VSE) de McAfee versi\u00f3n 8.8 anterior a parche 13, permite a los usuarios locales causar procesos no relacionados con privilegios elevados por medio del administrador de sistema que otorga privilegios elevados a McTray.exe (por defecto, se ejecuta con los privilegios del usuario actual)."
}
],
"id": "CVE-2018-6674",
"lastModified": "2024-11-21T04:11:05.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.2,
"impactScore": 6.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-25T13:29:00.333",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-22 10:42
Modified
2024-11-21 01:11
Severity ?
Summary
Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * | |
| mcafee | virusscan_enterprise | 8.0i | |
| mcafee | virusscan_enterprise | 8.0i |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "757AF04E-EDD3-480F-A494-0FFF2CB93B44",
"versionEndIncluding": "8.5i",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.0i:*:*:*:*:*:*:*",
"matchCriteriaId": "D02695D4-0A62-4365-BC21-C20A44C093C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.0i:p11:*:*:*:*:*:*",
"matchCriteriaId": "435524F4-62F0-40A7-A214-F0C83145B70B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share."
},
{
"lang": "es",
"value": "Vulnerabilidad de path de b\u00fasqueda no confiable en McAfee VirusScan Enterprise before v8.7i permite a usuarios locales obtener privilegios a trav\u00e9s de una DLL troyanizada en un directorio no especificado, como se demostr\u00f3 escaneando un documento que estaba en un recurso compartido remoto."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\u0027CWE-426 Untrusted Search Path\u0027\r\n",
"evaluatorImpact": "Per: https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013\r\n\r\n\u0027Access Vector Remote\u0027",
"id": "CVE-2009-5118",
"lastModified": "2024-11-21T01:11:12.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-08-22T10:42:03.693",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78448"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10013"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de control inapropiado de generaci\u00f3n de c\u00f3digo en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de un par\u00e1metro de petici\u00f3n HTTP manipulado."
}
],
"id": "CVE-2016-8020",
"lastModified": "2024-11-21T02:58:54.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.977",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-22 10:42
Modified
2024-11-21 01:18
Severity ?
Summary
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.5i | |
| mcafee | virusscan_enterprise | 8.7i |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.5i:*:*:*:*:*:*:*",
"matchCriteriaId": "AB64274E-B544-4818-BE30-906B2576AC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.7i:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0337CC-0F2B-4840-843C-5FCC89D7FD8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution."
},
{
"lang": "es",
"value": "McAfee VirusScan Enterprise v8.5i y v8.7i no interact\u00faan de forma adecuada con el procesado de URLs hcp:// debido a la ayuda y centro de soporte de Microsoft, lo que facilita a los atacantes remotos ejecutar c\u00f3digo a trav\u00e9s de malware que se detecta correctamente por este producto, pero con una detecci\u00f3n que se produce demasiado tarde para detener la ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2010-3496",
"lastModified": "2024-11-21T01:18:52.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-22T10:42:03.990",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.n00bz.net/antivirus-cve"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514356"
},
{
"source": "cve@mitre.org",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.n00bz.net/antivirus-cve"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10012"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-30 20:30
Modified
2024-11-21 01:02
Severity ?
Summary
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:active_virus_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55875615-29A3-4092-975C-60E9C8FAB03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:active_virusscan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A14000E-6A4C-474B-A92B-473A0EB0C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35188DE1-99A4-42B1-81C3-E2ECBD589605",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7C68CA8-9525-4FBA-A873-F17524D3F595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A7659-25FF-4E18-B2BA-34F6FD6410F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "7E69BB96-F48B-43DA-BA7B-530E5148CCC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "B978BD2B-D454-49BB-81A4-EABA14E75600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:securityshield_for_email_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC106925-640E-4318-BDED-A9F904961AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:securityshield_for_microsoft_isa_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53275048-EE57-4204-86FA-BC6B8D5D614F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:securityshield_for_microsoft_sharepoint:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E7A0A32-C1B6-465D-ABB3-156C570A0E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:total_protection:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C7EE0B-F166-478E-B800-B4D429B26F93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:total_protection_for_endpoint:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD4E524-C466-4FB5-92FD-7EDAEEAE1F6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_commandline:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1FAB752-311E-4594-AE25-34BD02844578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BCC0FD-E09A-495A-926A-FE080BE46A20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:linux:*:*:*:*:*",
"matchCriteriaId": "316D3C1B-D7E4-4FA9-B5CD-72D18BE775EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:sap:*:*:*:*:*",
"matchCriteriaId": "C64CDC92-E9CD-446A-9ADE-B10A28E20A3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:storage:*:*:*:*:*",
"matchCriteriaId": "019C46AA-7537-4930-BDC8-8EA0F6C5A216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_plus:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4CF979-7A55-4712-9B48-D885B746B62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_usb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42D0FC30-BAA5-4677-A3E5-C7A6DEB8BE0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
},
{
"lang": "es",
"value": "El AV engine antes de DAT 5600 en McAfee VirusScan, Total Protection, Internet Security, SecurityShield para Microsoft ISA Server, Security para Microsoft Sharepoint, Security para Email Servers, Email Gateway, y Active Virus Defense permite a atacantes remotos eludir la detecci\u00f3n de virus a trav\u00e9s de (1) un campo Headflags inv\u00e1lido de un archivo RAR malformado, (2) un campo Packsize inv\u00e1lido de un archivo RAR malformado, o (3) un campo Filelength de un archivo ZIP malformado."
}
],
"id": "CVE-2009-1348",
"lastModified": "2024-11-21T01:02:15.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-30T20:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34949"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34780"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}