CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-25045
https://notcve.org/view.php?id=CVE-2020-25045
Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. Los instaladores de Kaspersky Security Center y Kaspersky Security Center Web Console versiones anteriores a 12 y anteriores a 12 Parche A, eran vulnerables a un ataque de secuestro de DLL que permitía a un atacante elevar los privilegios en el sistema • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#290720 • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 54%CPEs: 10EXPL: 1CVE-2007-2584 – McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2584
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. Desbordamiento de búfer en la función IsOldAppInstalled del control ActiveX McSubMgr.McSubMgr Subscription Manager (MCSUBMGR.DLL) en McAfee SecurityCenter anterior a 6.0.25 y 7.x anterior a 7.2.147 permite a atacantes remotos ejecutar código de su elección mediante un argumento manipulado. • https://www.exploit-db.com/exploits/3893 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528 http://osvdb.org/35874 http://secunia.com/advisories/25173 http://ts.mcafeehelp.com/faq3.asp?docid=419189 http://www.securityfocus.com/bid/23888 http://www.securityfocus.com/bid/23909 http://www.securitytracker.com/id?1018028 http://www.vupen.com/english/advisories/2007/1717 https://exchange.xforce.ibmcloud.com/vulnerabilities/34179 •