CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8577
https://notcve.org/view.php?id=CVE-2015-8577
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors. La funcionalidad Buffer Overflow Protection (BOP) en McAfee VirusScan Enterprise en versiones anteriores a 8.8 Patch 6 asigna la memoria con permisos Read, Write, Execute (RWX) en direcciones predecibles en plataformas de 32-bits cuando está protegiendo otra aplicación, lo que permite a atacantes eludir los mecanismos de protección DEP y ASLR a través de vectores no especificados. • http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations http://www.securityfocus.com/bid/78810 https://kc.mcafee.com/corporate/index?page=content&id=SB10142 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2009-5118
https://notcve.org/view.php?id=CVE-2009-5118
Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share. Vulnerabilidad de path de búsqueda no confiable en McAfee VirusScan Enterprise before v8.7i permite a usuarios locales obtener privilegios a través de una DLL troyanizada en un directorio no especificado, como se demostró escaneando un documento que estaba en un recurso compartido remoto. • https://exchange.xforce.ibmcloud.com/vulnerabilities/78448 https://kc.mcafee.com/corporate/index?page=content&id=SB10013 •
CVSS: 2.6EPSS: 0%CPEs: 8EXPL: 0CVE-2010-5143
https://notcve.org/view.php?id=CVE-2010-5143
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. McAfee VirusScan Enterprise antes de v8.8 permite a los usuarios locales desactivar el producto aprovechándose de privilegios de administrador para ejecutar un módulo de Metasploit Framework no especificado. • https://kc.mcafee.com/corporate/index?page=content&id=SB10014 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.4EPSS: 2%CPEs: 2EXPL: 1CVE-2010-3496
https://notcve.org/view.php?id=CVE-2010-3496
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. McAfee VirusScan Enterprise v8.5i y v8.7i no interactúan de forma adecuada con el procesado de URLs hcp:// debido a la ayuda y centro de soporte de Microsoft, lo que facilita a los atacantes remotos ejecutar código a través de malware que se detecta correctamente por este producto, pero con una detección que se produce demasiado tarde para detener la ejecución de código. • http://www.n00bz.net/antivirus-cve http://www.securityfocus.com/archive/1/514356 https://kc.mcafee.com/corporate/index?page=content&id=SB10012 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.6EPSS: 0%CPEs: 20EXPL: 0CVE-2009-1348
https://notcve.org/view.php?id=CVE-2009-1348
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive. El AV engine antes de DAT 5600 en McAfee VirusScan, Total Protection, Internet Security, SecurityShield para Microsoft ISA Server, Security para Microsoft Sharepoint, Security para Email Servers, Email Gateway, y Active Virus Defense permite a atacantes remotos eludir la detección de virus a través de (1) un campo Headflags inválido de un archivo RAR malformado, (2) un campo Packsize inválido de un archivo RAR malformado, o (3) un campo Filelength de un archivo ZIP malformado. • http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html http://secunia.com/advisories/34949 http://www.securityfocus.com/archive/1/503173/100/0/threaded http://www.securityfocus.com/bid/34780 https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT • CWE-20: Improper Input Validation •