CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3582 – McAfee Endpoint Security updates fix a privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2019-3582
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. Una vulnerabilidad de escalado de privilegios en el cliente de Microsoft Windows en McAfee Endpoint Security (ENS), en versiones 10.6.1 y anteriores, permite a los usuarios locales ganar privilegios elevados gracias a unas circunstancias específicas. • https://kc.mcafee.com/corporate/index?page=content&id=SB10254 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6316
https://notcve.org/view.php?id=CVE-2018-6316
Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode. Existe un desbordamiento de búfer basado en memoria dinámica (heap) en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) o que pueda lograr la ejecución de código. • https://community.ivanti.com/docs/DOC-65656 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8010
https://notcve.org/view.php?id=CVE-2016-8010
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. Vulnerabilidad de elusión de protecciones de aplicaciones en Intel Security McAfee Application Control (MAC) 7.0 y versiones anteriores y Endpoint Security (ENS) 10.2 y versiones anteriores permite a usuarios locales eludir la protección de seguridad local a través de una utilidad de comando de línea. • http://www.securityfocus.com/bid/94661 https://kc.mcafee.com/corporate/index?page=content&id=SB10179 • CWE-284: Improper Access Control •
CVSS: 5.1EPSS: 0%CPEs: 8EXPL: 2CVE-2016-3984 – McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2016-3984
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. El McAfee VirusScan Console (mcconsol.exe) en McAfee Active Response (MAR) en versiones anteriores a 1.1.0.161, Agent (MA) 5.x en versiones anteriores a 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) en versiones anteriores a 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Device Control (MDC) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Endpoint Security (ENS) 10.x en versiones anteriores a 10.1, Host Intrusion Prevention Service (IPS) 8.0 en versiones anteriores a 8.0.0.3624 y VirusScan Enterprise (VSE) 8.8 en versiones anteriores a P7 (8.8.0.1528) en Windows permite a administradores locales eludir las reglas destinadas a la autoprotección y desactivar el motor del antivirus modificando claves de registro. • https://www.exploit-db.com/exploits/39531 http://lab.mediaservice.net/advisory/2016-01-mcafee.txt http://seclists.org/fulldisclosure/2016/Mar/13 http://www.securitytracker.com/id/1035130 https://kc.mcafee.com/corporate/index?page=content&id=SB10151 • CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 18%CPEs: 16EXPL: 1CVE-2006-5645 – Sophos / Trend Micro AntiVirus - '.RAR' File Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2006-5645
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero. Sophos Anti-Virus y Endpoint Security anteriores a 6.0.5, Anti-virus para Linux 5.0.10, y otras plataformas en versiones anteriores a la 4.11, permite a atacantes remotos causar denegación de servicio (bucle infinito) mediante un fichero RAR mal formado con una sección de Cabecera de Archivo con los campos head_size y pack_size puestos a cero. • https://www.exploit-db.com/exploits/2912 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 http://secunia.com/advisories/22591 http://securitytracker.com/id?1017132 http://www.securityfocus.com/archive/1/474683/100/0/threaded http://www.securityfocus.com/bid/20816 http://www.securitytracker.com/id?1018450 http://www.sophos.com/support/knowledgebase/article/7609.html http://www.vupen.com/english/advisories/2006/4239 • CWE-399: Resource Management Errors •