Lucene search

[email protected]CVE-2002-2282

HistoryOct 18, 2007 - 10:00 a.m.

CVE-2002-2282

2007-10-1810:00:00

[email protected]

web.nvd.nist.gov

mcafee

virusscan

arbitrary code execution

dlls

security vulnerability

cve-2002-2282

nvd

7.2 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user’s home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.

Affected configurations

NVD

Node

mcafeevirusscanMatch4.5.1

CPENameOperatorVersion
mcafee:virusscanmcafee virusscaneq4.5.1

CPE	Name	Operator	Version
mcafee:virusscan	mcafee virusscan	eq	4.5.1

References

archives.neohapsis.com/archives/bugtraq/2002-12/0007.html

www.securityfocus.com/bid/6288

exchange.xforce.ibmcloud.com/vulnerabilities/10741

7.2 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2002-2282

cvelist1 nvd1