CVSS: 10.0EPSS: 54%CPEs: 10EXPL: 1CVE-2007-2584 – McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2584
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. Desbordamiento de búfer en la función IsOldAppInstalled del control ActiveX McSubMgr.McSubMgr Subscription Manager (MCSUBMGR.DLL) en McAfee SecurityCenter anterior a 6.0.25 y 7.x anterior a 7.2.147 permite a atacantes remotos ejecutar código de su elección mediante un argumento manipulado. • https://www.exploit-db.com/exploits/3893 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528 http://osvdb.org/35874 http://secunia.com/advisories/25173 http://ts.mcafeehelp.com/faq3.asp?docid=419189 http://www.securityfocus.com/bid/23888 http://www.securityfocus.com/bid/23909 http://www.securitytracker.com/id?1018028 http://www.vupen.com/english/advisories/2007/1717 https://exchange.xforce.ibmcloud.com/vulnerabilities/34179 •
CVSS: 7.9EPSS: 78%CPEs: 1EXPL: 0CVE-2007-2152
https://notcve.org/view.php?id=CVE-2007-2152
Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters. Desbordamiento de búfer en On-Access Scanner de McAfee VirusScan Enterprise versiones anteriores a 8.0i Patch 12, permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un nombre de fichero largo conteniendo caracteres multi-byte (Unicode). • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515 http://secunia.com/advisories/24914 http://www.kb.cert.org/vuls/id/324929 http://www.securityfocus.com/bid/23543 http://www.securitytracker.com/id?1017928 http://www.vupen.com/english/advisories/2007/1435 https://exchange.xforce.ibmcloud.com/vulnerabilities/33732 https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750&command=show&forward=nonthreadedKC •
CVSS: 5.0EPSS: 7%CPEs: 5EXPL: 0CVE-2007-2151
https://notcve.org/view.php?id=CVE-2007-2151
The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service (service crash) via a large length value in a malformed authentication packet, which triggers a heap over-read. El servidor de administración en McAfee e-Business Server versiones anteriores a 8.1.1 y 8.5.x versiones anteriores a 8.5.2, permite a atacantes remotos provocar una denegación de servicio (caída de servicio) mediante un valor de longitud larga en un paquete de autenticación mal-formado, que dispara sobre-lectura de montón. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=516 http://secunia.com/advisories/24893 http://www.securityfocus.com/bid/23544 http://www.securitytracker.com/id?1017929 http://www.vupen.com/english/advisories/2007/1434 https://exchange.xforce.ibmcloud.com/vulnerabilities/33730 https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612751&command=show&forward=nonthreadedKC •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1538
https://notcve.org/view.php?id=CVE-2007-1538
McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE does not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product ** IMPUGNADA ** McAfee VirusScan Enterprise 8.5.0.i utiliza permisos inseguros para ciertas claves del registro de Windows, lo cual permite a usuarios locales evitar la protección local de contraseñas mediante el valor UIP en (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection o (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTA: este asunto ha sido impugnado por investigadores de una tercera parte, afirmando que los permisos por defecto para HKEY_LOCAL_MACHINE\SOFTWARE no permiten la escritura y el producto no modifica los permisos heredados. Podría haber un error de interacción con otro producto. • http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html http://homepage.mac.com/adonismac/Advisory/crack_mcafee_password_protection.html http://www.osvdb.org/33800 http://www.securityfocus.com/archive/1/463074/100/0/threaded http://www.securityfocus.com/archive/1/463091/100/0/threaded http://www.securityfocus.com/archive/1/463187/100/0/threaded http://www.securitytracker.com/id?1017791 •
CVSS: 9.3EPSS: 87%CPEs: 5EXPL: 0CVE-2007-1498
https://notcve.org/view.php?id=CVE-2007-1498
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call. Múltiples desbordamientos de búfer basados en pila en el control ActiveX Site Manager.SiteMgr.1 (SiteManager.dll) en la consola de administración ePO de McAfee ePolicy Orchestrator (ePO) anterior a 3.6.1 Patch 1 y ProtectionPilot (PRP) anterior a 1.5.0 HotFix permiten a atacantes remotos ejecutar código de su elección mediante un argumento largo para las funciones (1) ExportSiteList y (2) VerifyPackageCatalog, y (3) vectores no especificados relacionados con una llamada a la función swprintf. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html http://secunia.com/advisories/24466 http://securityreason.com/securityalert/2444 http://www.kb.cert.org/vuls/id/714593 http://www.securityfocus.com/bid/22952 http://www.securitytracker.com/id?1017757 http://www.vupen.com/english/advisories/2007/0931 https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html •