CVE-2015-8577
https://notcve.org/view.php?id=CVE-2015-8577
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors. La funcionalidad Buffer Overflow Protection (BOP) en McAfee VirusScan Enterprise en versiones anteriores a 8.8 Patch 6 asigna la memoria con permisos Read, Write, Execute (RWX) en direcciones predecibles en plataformas de 32-bits cuando está protegiendo otra aplicación, lo que permite a atacantes eludir los mecanismos de protección DEP y ASLR a través de vectores no especificados. • http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations http://www.securityfocus.com/bid/78810 https://kc.mcafee.com/corporate/index?page=content&id=SB10142 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-5143
https://notcve.org/view.php?id=CVE-2010-5143
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. McAfee VirusScan Enterprise antes de v8.8 permite a los usuarios locales desactivar el producto aprovechándose de privilegios de administrador para ejecutar un módulo de Metasploit Framework no especificado. • https://kc.mcafee.com/corporate/index?page=content&id=SB10014 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-5118
https://notcve.org/view.php?id=CVE-2009-5118
Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share. Vulnerabilidad de path de búsqueda no confiable en McAfee VirusScan Enterprise before v8.7i permite a usuarios locales obtener privilegios a través de una DLL troyanizada en un directorio no especificado, como se demostró escaneando un documento que estaba en un recurso compartido remoto. • https://exchange.xforce.ibmcloud.com/vulnerabilities/78448 https://kc.mcafee.com/corporate/index?page=content&id=SB10013 •
CVE-2010-3496
https://notcve.org/view.php?id=CVE-2010-3496
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. McAfee VirusScan Enterprise v8.5i y v8.7i no interactúan de forma adecuada con el procesado de URLs hcp:// debido a la ayuda y centro de soporte de Microsoft, lo que facilita a los atacantes remotos ejecutar código a través de malware que se detecta correctamente por este producto, pero con una detección que se produce demasiado tarde para detener la ejecución de código. • http://www.n00bz.net/antivirus-cve http://www.securityfocus.com/archive/1/514356 https://kc.mcafee.com/corporate/index?page=content&id=SB10012 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-2152
https://notcve.org/view.php?id=CVE-2007-2152
Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters. Desbordamiento de búfer en On-Access Scanner de McAfee VirusScan Enterprise versiones anteriores a 8.0i Patch 12, permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un nombre de fichero largo conteniendo caracteres multi-byte (Unicode). • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=515 http://secunia.com/advisories/24914 http://www.kb.cert.org/vuls/id/324929 http://www.securityfocus.com/bid/23543 http://www.securitytracker.com/id?1017928 http://www.vupen.com/english/advisories/2007/1435 https://exchange.xforce.ibmcloud.com/vulnerabilities/33732 https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=612750&command=show&forward=nonthreadedKC •