[email protected]CVE-2006-3961

HistoryAug 01, 2006 - 9:04 p.m.

CVE-2006-3961

2006-08-0121:04:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-3961

buffer overflow

activex control

mcafee security center

remote code execution

vulnerability

nvd

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.879 High

EPSS

Percentile

98.7%

JSON

Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.

CPENameOperatorVersion
mcafee:privacy_servicemcafee privacy serviceeq2005
mcafee:spamkillermcafee spamkillereq7.0
mcafee:internet_security_suitemcafee internet security suiteeq2005
mcafee:virusscanmcafee virusscaneq2006
mcafee:personal_firewall_plusmcafee personal firewall pluseq2005
mcafee:virusscanmcafee virusscaneq2004
mcafee:spamkillermcafee spamkillereq6.0
mcafee:spamkillermcafee spamkillereq5.0
mcafee:security_centermcafee security centereq6.0.22
mcafee:antispywaremcafee antispywareeq2005

CPE	Name	Operator	Version
mcafee:privacy_service	mcafee privacy service	eq	2005
mcafee:spamkiller	mcafee spamkiller	eq	7.0
mcafee:internet_security_suite	mcafee internet security suite	eq	2005
mcafee:virusscan	mcafee virusscan	eq	2006
mcafee:personal_firewall_plus	mcafee personal firewall plus	eq	2005
mcafee:virusscan	mcafee virusscan	eq	2004
mcafee:spamkiller	mcafee spamkiller	eq	6.0
mcafee:spamkiller	mcafee spamkiller	eq	5.0
mcafee:security_center	mcafee security center	eq	6.0.22
mcafee:antispyware	mcafee antispyware	eq	2005

Rows per page:

1-10 of 251

References

secunia.com/advisories/21264

securitytracker.com/id?1016614

ts.mcafeehelp.com/faq3.asp?docid=407052

www.eeye.com/html/research/advisories/AD2006807.html

www.eeye.com/html/research/upcoming/20060719.html

www.kb.cert.org/vuls/id/481212

www.osvdb.org/27698

www.securityfocus.com/archive/1/442495/100/100/threaded

www.securityfocus.com/bid/19265

www.vupen.com/english/advisories/2006/3096

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.879 High

EPSS

Percentile

98.7%

JSON

Related for CVE-2006-3961

saint4 packetstorm1 cvelist1 checkpoint_advisories1 cert1