CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-25045
https://notcve.org/view.php?id=CVE-2020-25045
Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. Los instaladores de Kaspersky Security Center y Kaspersky Security Center Web Console versiones anteriores a 12 y anteriores a 12 Parche A, eran vulnerables a un ataque de secuestro de DLL que permitía a un atacante elevar los privilegios en el sistema • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720 • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 54%CPEs: 10EXPL: 1CVE-2007-2584 – McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2584
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. Desbordamiento de búfer en la función IsOldAppInstalled del control ActiveX McSubMgr.McSubMgr Subscription Manager (MCSUBMGR.DLL) en McAfee SecurityCenter anterior a 6.0.25 y 7.x anterior a 7.2.147 permite a atacantes remotos ejecutar código de su elección mediante un argumento manipulado. • https://www.exploit-db.com/exploits/3893 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528 http://osvdb.org/35874 http://secunia.com/advisories/25173 http://ts.mcafeehelp.com/faq3.asp?docid=419189 http://www.securityfocus.com/bid/23888 http://www.securityfocus.com/bid/23909 http://www.securitytracker.com/id?1018028 http://www.vupen.com/english/advisories/2007/1717 https://exchange.xforce.ibmcloud.com/vulnerabilities/34179 •
CVSS: 6.8EPSS: 86%CPEs: 25EXPL: 1CVE-2006-3961 – McAfee Subscription Manager - Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3961
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. Desbordamiento de búfer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, y QuickClean permite a atacantes con la intervención del usuario ejecutar comandos de su elección a través de paráametros string, los cuales son posteriormente usados en vsprintf. • https://www.exploit-db.com/exploits/16510 http://secunia.com/advisories/21264 http://securitytracker.com/id?1016614 http://ts.mcafeehelp.com/faq3.asp?docid=407052 http://www.eeye.com/html/research/advisories/AD2006807.html http://www.eeye.com/html/research/upcoming/20060719.html http://www.kb.cert.org/vuls/id/481212 http://www.osvdb.org/27698 http://www.securityfocus.com/archive/1/442495/100/100/threaded http://www.securityfocus.com/bid/19265 http://www.vupen. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •