Summary
Detail | |||
---|---|---|---|
Vendor | Mcafee | First view | 2012-08-22 |
Product | Virusscan Enterprise | Last view | 2020-12-09 |
Version | 8.7.00004 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:mcafee:virusscan_enterprise |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.7 | 2020-12-09 | CVE-2020-7337 | Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks. |
4.3 | 2017-04-25 | CVE-2016-8030 | A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link. |
5.1 | 2016-04-08 | CVE-2016-3984 | The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. |
2.6 | 2015-12-16 | CVE-2015-8577 | The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors. |
2.6 | 2012-08-22 | CVE-2010-5143 | McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
40% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
20% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
20% (1) | CWE-284 | Access Control (Authorization) Issues |
20% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2017-05-11 | Name: The antivirus application installed on the remote Windows host is affected by... File: mcafee_vse_sb10194.nasl - Type: ACT_GATHER_INFO |
2015-12-18 | Name: The remote Windows host has an antivirus application installed that is affect... File: mcafee_vse_sb10142.nasl - Type: ACT_GATHER_INFO |
2014-01-29 | Name: The remote Windows host has an antivirus application that is affected by a CL... File: mcafee_vse_sb10014.nasl - Type: ACT_GATHER_INFO |