CVSS: 10.0EPSS: 34%CPEs: 10EXPL: 1CVE-2007-2584 – McAfee Security Center IsOldAppInstalled - ActiveX Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-2584
09 May 2007 — Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. Desbordamiento de búfer en la función IsOldAppInstalled del control ActiveX McSubMgr.McSubMgr Subscription Manager (MCSUBMGR.DLL) en McAfee SecurityCenter anterior a 6.0.25 y 7.x anterior a 7.2.147 permite a atacantes remotos ejecutar código de su e... • https://www.exploit-db.com/exploits/3893 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6474
https://notcve.org/view.php?id=CVE-2006-6474
14 Dec 2006 — Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory. Vulnerabilidad de ruta de búsqueda no confiable en McAfee VirusScan para Linux 4510e y versiones anteriores, incluye el directorio de trabajo actual en la variable de entorno DT_RPATH, que permite a usuarios lo... • http://secunia.com/advisories/23278 •
CVSS: 9.8EPSS: 70%CPEs: 25EXPL: 1CVE-2006-3961 – McAfee Subscription Manager - Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3961
01 Aug 2006 — Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. Desbordamiento de búfer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 200... • https://www.exploit-db.com/exploits/16510 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3575
https://notcve.org/view.php?id=CVE-2006-3575
13 Jul 2006 — Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. Vulnerabilidad desconocida en la protección de desbordamiento de búfer en McAfee VirusScan Enterprise 8.0.0 permite a usuarios locales provocar denegación de servicio (operación inestable) a través de una cadena larga en los campos (1) "Process name", (2) "Mod... • http://securityreason.com/securityalert/1216 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0831
https://notcve.org/view.php?id=CVE-2004-0831
14 Sep 2004 — McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges. • http://marc.info/?l=bugtraq&m=109526269429728&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-2282
https://notcve.org/view.php?id=CVE-2002-2282
31 Dec 2002 — McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0007.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2000-1128
https://notcve.org/view.php?id=CVE-2000-1128
19 Dec 2000 — The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0073.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0650
https://notcve.org/view.php?id=CVE-2000-0650
11 Jul 2000 — The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse. • http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0502
https://notcve.org/view.php?id=CVE-2000-0502
08 Jun 2000 — Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1195
https://notcve.org/view.php?id=CVE-1999-1195
05 May 1999 — NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. • http://marc.info/?l=bugtraq&m=92588169005196&w=2 •