CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3912 – McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass
https://notcve.org/view.php?id=CVE-2017-3912
18 Sep 2018 — Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility. Vulnerabilidad de omisión de contraseña de seguridad en McAfee Application and Change Control (MACC) 7.0.1 y 6.2.0 permite que usuarios autenticados ejecuten comandos arbitrarios mediante una utilidad de línea de comandos arbitrarios. • http://www.securityfocus.com/bid/102988 • CWE-274: Improper Handling of Insufficient Privileges CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-8009
https://notcve.org/view.php?id=CVE-2016-8009
14 Mar 2017 — Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. Vulnerabilidad de escalada de privilegios en Intel Security McAfee Application Control (MAC) versiones 7.0 y 6.x permite a atacantes provocar DoS, comportamiento inesperado o potencialmente ejecución de código no autorizada a través de un uso no autorizado de llamada IOC... • https://kc.mcafee.com/corporate/index?page=content&id=SB10175 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8010
https://notcve.org/view.php?id=CVE-2016-8010
14 Mar 2017 — Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. Vulnerabilidad de elusión de protecciones de aplicaciones en Intel Security McAfee Application Control (MAC) 7.0 y versiones anteriores y Endpoint Security (ENS) 10.2 y versiones anteriores permite a usuarios locales eludir la protección de seguridad local a través de una... • http://www.securityfocus.com/bid/94661 • CWE-284: Improper Access Control •
CVSS: 6.6EPSS: 0%CPEs: 6EXPL: 0CVE-2016-1715 – McAfee Application Control Kernel Driver Memory Corruption Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2016-1715
08 Jan 2016 — The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location. El controlador del kernel swin.sys en McAfee Application Control (MAC) 6.1.0 en versiones anteriore... • http://www.zerodayinitiative.com/advisories/ZDI-16-007 • CWE-189: Numeric Errors •