CVSS: 10.0EPSS: 54%CPEs: 10EXPL: 1CVE-2007-2584 – McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2584
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. Desbordamiento de búfer en la función IsOldAppInstalled del control ActiveX McSubMgr.McSubMgr Subscription Manager (MCSUBMGR.DLL) en McAfee SecurityCenter anterior a 6.0.25 y 7.x anterior a 7.2.147 permite a atacantes remotos ejecutar código de su elección mediante un argumento manipulado. • https://www.exploit-db.com/exploits/3893 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528 http://osvdb.org/35874 http://secunia.com/advisories/25173 http://ts.mcafeehelp.com/faq3.asp?docid=419189 http://www.securityfocus.com/bid/23888 http://www.securityfocus.com/bid/23909 http://www.securitytracker.com/id?1018028 http://www.vupen.com/english/advisories/2007/1717 https://exchange.xforce.ibmcloud.com/vulnerabilities/34179 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6474
https://notcve.org/view.php?id=CVE-2006-6474
Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory. Vulnerabilidad de ruta de búsqueda no confiable en McAfee VirusScan para Linux 4510e y versiones anteriores, incluye el directorio de trabajo actual en la variable de entorno DT_RPATH, que permite a usuarios locales cargar bibliotecas ELF DSO de su elección y ejecutar código de su elección instalando bibliotecas maliciosas en ese directorio. • http://secunia.com/advisories/23278 http://secunia.com/advisories/23429 http://security.gentoo.org/glsa/glsa-200612-15.xml http://securitytracker.com/id?1017385 http://www.securityfocus.com/bid/21592 http://www.vupen.com/english/advisories/2006/5023 https://exchange.xforce.ibmcloud.com/vulnerabilities/30898 •
CVSS: 6.8EPSS: 86%CPEs: 25EXPL: 1CVE-2006-3961 – McAfee Subscription Manager - Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3961
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. Desbordamiento de búfer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, y QuickClean permite a atacantes con la intervención del usuario ejecutar comandos de su elección a través de paráametros string, los cuales son posteriormente usados en vsprintf. • https://www.exploit-db.com/exploits/16510 http://secunia.com/advisories/21264 http://securitytracker.com/id?1016614 http://ts.mcafeehelp.com/faq3.asp?docid=407052 http://www.eeye.com/html/research/advisories/AD2006807.html http://www.eeye.com/html/research/upcoming/20060719.html http://www.kb.cert.org/vuls/id/481212 http://www.osvdb.org/27698 http://www.securityfocus.com/archive/1/442495/100/100/threaded http://www.securityfocus.com/bid/19265 http://www.vupen. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3575
https://notcve.org/view.php?id=CVE-2006-3575
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. Vulnerabilidad desconocida en la protección de desbordamiento de búfer en McAfee VirusScan Enterprise 8.0.0 permite a usuarios locales provocar denegación de servicio (operación inestable) a través de una cadena larga en los campos (1) "Process name", (2) "Module name", o (3) "API name". • http://securityreason.com/securityalert/1216 http://securitytracker.com/id?1016450 http://www.securityfocus.com/archive/1/439430/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/27625 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0831
https://notcve.org/view.php?id=CVE-2004-0831
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges. • http://marc.info/?l=bugtraq&m=109526269429728&w=2 http://www.idefense.com/application/poi/display?id=140&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/17367 •