Lucene search

[email protected]CVE-2010-3496

HistoryAug 22, 2012 - 10:42 a.m.

CVE-2010-3496

2012-08-2210:42:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2010-3496

mcafee

virusscan

enterprise

microsoft help and support center

code execution

nvd

8 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.

CPENameOperatorVersion
mcafee:virusscan_enterprisemcafee virusscan enterpriseeq8.7i
mcafee:virusscan_enterprisemcafee virusscan enterpriseeq8.5i

CPE	Name	Operator	Version
mcafee:virusscan_enterprise	mcafee virusscan enterprise	eq	8.7i
mcafee:virusscan_enterprise	mcafee virusscan enterprise	eq	8.5i

References

www.n00bz.net/antivirus-cve

www.securityfocus.com/archive/1/514356

kc.mcafee.com/corporate/index?page=content&id=SB10012

8 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2010-3496

prion1 openvas2 cvelist1 nessus1