Searching mcafee software vulnerabilities

The default configurations for McAfee Virus Sca

configurations | Anti-Virus | malicious | attackers | detection | checkers | RECYCLED | Recycle | without | Windows | default | utility | allows | Norton | McAfee | folder | Virus | store | which | files | check | code | Scan | used | Bin | not |

The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.


The default configuration of McAfee VirusScan 4

configuration | "commonexe" | improperly | ImagePath | VirusScan | variable | program | default | search | allows | Trojan | McAfee | place | users | horse | quote | which | local | does | sets | path | not |

The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.


McAfee WebShield SMTP 4.5 allows remote attacke

characters | attachment | including | attackers | WebShield | filtering | Extended | content | remote | allows | McAfee | bypass | email | ASCII | rules | name | SMTP |

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.


Format string vulnerability in McAfee Security

vulnerability | Orchestrator | Security | ePolicy | Format | string | McAfee |

Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings.


Heap-based buffer overflow in ePO agent for McA

Orchestrator | Heap-based | overflow | ePolicy | McAfee | buffer | agent | ePO |

Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.


Directory traversal vulnerability in ePO agent

vulnerability | Orchestrator | arbitrary | attackers | traversal | Directory | ePolicy | request | certain | remote | McAfee | allows | agent | files | HTTP | read | ePO | via |

Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.


McAfee VirusScan 4.5.1 does not drop SYSTEM pri

VirusScan | McAfee |

McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.


Mcafee FreeScan allows remote attackers to caus

attackers | arbitrary | ScanParam | possibly | property | overflow | FreeScan | service | trigger | string | object | Mcafee | remote | denial | buffer | allows | which | cause | code | long | may | via |

Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow.


McFreeScan.CoMcFreeScan.1 ActiveX object in Mca

GetSpecialFolderLocation | McFreeScanCoMcFreeScan1 | information | parameters | attackers | sensitive | function | FreeScan | ActiveX | certain | object | allows | remote | obtain | Mcafee | via |

McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters.


An ActiveX control for McAfee Security Installe

Installer | Security | ActiveX | control | System | McAfee |

An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method.


Buffer overflow in McAfee Scan Engine 4320 with

overflow | Engine | McAfee | Buffer | Scan |

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files.


Buffer overflow in McAfee Scan Engine 4320 with

overflow | Engine | McAfee | Buffer | Scan |

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of CVE-2005-0643.


McAfee Internet Security Suite 2005 uses insecu

Security | Internet | McAfee | Suite |

McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp.


McAfee IntruShield Security Management System o

IntruShield | Management | privileges | attackers | possibly | Security | Manager | account | obtains | attack | remote | McAfee | System | allows | brute | force | which | guess | user | gain | URL | via |

McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack.


Directory traversal vulnerability in Framework

vulnerability | Orchestrator | component | arbitrary | attackers | traversal | Directory | Framework | earlier | Service | ePolicy | remote | create | McAfee | allows | files | agent | 350x | via |

Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request.


Buffer overflow in McAfee ePolicy Orchestrator

Orchestrator | overflow | ePolicy | before | Buffer | McAfee |

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.


McAfee VirusScan for Mac (Virex) before 7.7 pat

VirusScan | McAfee | Mac |

McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files.


Buffer overflow in the On-Access Scanner in McA

user-assisted | containing | Enterprise | multi-byte | attackers | arbitrary | On-Access | VirusScan | overflow | filename | Scanner | execute | remote | before | McAfee | Buffer | allows | Patch | long | code | 80i | via |

Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters.


Buffer overflow in the IsOldAppInstalled functi

IsOldAppInstalled | McSubMgrMcSubMgr | Subscription | overflow | function | ActiveX | control | Manager | Buffer |

Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.


Software vulnerabilities results 1 to 20 of 47     
Page: 123