virusscan software vulnerabilities
vulnerabilities.aspcode.net
Searching virusscan software vulnerabilities
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly.
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges.
Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, as demonstrated using (1) a .rjs (skin) file in RealPlayer 10 through RealPlayer 10.5 (6.0.12.1053), RealOne Player 1 and 2, (2) the Restore Backup function in CheckMark Software Payroll 2004/2005 3.9.6 and earlier, (3) CheckMark MultiLedger before 7.0.2, (4) dtSearch 6.x and 7.x, (5) mcupdmgr.exe and mghtml.exe in McAfee VirusScan 10 Build 10.0.21 and earlier, (6) IBM Lotus Notes before 6.5.5, and other products. NOTE: it is unclear whether this is the same vulnerability as CVE-2004-0575, although the data manipulations are the same.
The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object.
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields.
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory.
McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files.
VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allows local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
** DISPUTED ** McAfee VirusScan Enterprise 8.5.0.i uses insecure permissions for certain Windows Registry keys, which allows local users to bypass local password protection via the UIP value in (1) HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection or (2) HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Entreprise\CurrentVersion. NOTE: this issue has been disputed by third-party researchers, stating that the default permissions for HKEY_LOCAL_MACHINE\SOFTWARE do not allow for write access and the product does not modify the inherited permissions. There might be an interaction error with another product.
Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters.
Software vulnerabilities results 1 to 15 of 15