CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8577
https://notcve.org/view.php?id=CVE-2015-8577
16 Dec 2015 — The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors. La funcionalidad Buffer Overflow Protection (BOP) en McAfee VirusScan Enterprise en versiones anteriores a 8.8 Patch 6 asigna la memoria con permisos Read, Write, Execute (RWX) ... • http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0CVE-2010-5143
https://notcve.org/view.php?id=CVE-2010-5143
22 Aug 2012 — McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. McAfee VirusScan Enterprise antes de v8.8 permite a los usuarios locales desactivar el producto aprovechándose de privilegios de administrador para ejecutar un módulo de Metasploit Framework no especificado. • https://kc.mcafee.com/corporate/index?page=content&id=SB10014 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2009-5118
https://notcve.org/view.php?id=CVE-2009-5118
22 Aug 2012 — Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share. Vulnerabilidad de path de búsqueda no confiable en McAfee VirusScan Enterprise before v8.7i permite a usuarios locales obtener privilegios a través de una DLL troyanizada en un directorio no especificado, como se demostró escaneando un documento que estaba en un recurso compar... • https://exchange.xforce.ibmcloud.com/vulnerabilities/78448 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2010-3496
https://notcve.org/view.php?id=CVE-2010-3496
22 Aug 2012 — McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. McAfee VirusScan Enterprise v8.5i y v8.7i no interactúan de forma adecuada con el procesado de URLs hcp:// debido a la ayuda y centro de soporte de Microsoft, lo ... • http://www.n00bz.net/antivirus-cve • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.6EPSS: 0%CPEs: 20EXPL: 0CVE-2009-1348
https://notcve.org/view.php?id=CVE-2009-1348
30 Apr 2009 — The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive. El AV engine antes de DAT 5600 en McAfee Virus... • http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 22%CPEs: 1EXPL: 0CVE-2007-2152
https://notcve.org/view.php?id=CVE-2007-2152
19 Apr 2007 — Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters. Desbordamiento de búfer en On-Access Scanner de McAfee VirusScan Enterprise versiones anteriores a 8.0i Patch 12, permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un nombre de fichero largo conteniendo caracteres multi-byte (Unicode). • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1538
https://notcve.org/view.php?id=CVE-2007-1538
20 Mar 2007 — McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE does not allow for write access and the product d... • http://homepage.mac.com/adonismac/Advisory/bypass_mcafee_entreprise_password.html •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2006-4886
https://notcve.org/view.php?id=CVE-2006-4886
19 Sep 2006 — The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition. El componente VirusScan On-Access Scan en McAfee VirusScan Enterprise 7.1.0 y Scan Engine 4.4.00 permite a usuarios locales con privilegios evitar restricciones de seguridad y des... • http://securityreason.com/securityalert/1605 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2005-4505 – McAfee VirusScan 8.0 - Path Specification Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-4505
23 Dec 2005 — Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path. • https://www.exploit-db.com/exploits/26970 •