Page 2 of 10 results (0.003 seconds)

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0007.html http://www.securityfocus.com/bid/6288 https://exchange.xforce.ibmcloud.com/vulnerabilities/10741 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 2

The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0073.html http://www.securityfocus.com/bid/1920 •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse. • http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753 http://www.osvdb.org/1458 http://www.osvdb.org/4200 http://www.securityfocus.com/bid/1458 https://exchange.xforce.ibmcloud.com/vulnerabilities/5177 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html http://www.osvdb.org/6287 http://www.securityfocus.com/bid/1326 https://exchange.xforce.ibmcloud.com/vulnerabilities/4641 •

CVSS: 5.1EPSS: 1%CPEs: 1EXPL: 0

NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. • http://marc.info/?l=bugtraq&m=92588169005196&w=2 http://marc.info/?l=ntbugtraq&m=92587579032534&w=2 http://www.securityfocus.com/bid/169 •