CVE-2012-4598

2012-08-2210:42:05

mitre

web.nvd.nist.gov

cve-2012-4598

mcafee

virtual technician

mvt

activex control

vulnerability

remote code execution

denial of service

internet explorer

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.964

Percentile

99.6%

JSON

An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site.

Affected configurations

Nvd

Node

mcafeemcafee_virtual_technicianRange≤6.3.0.1911

Node

mcafeeepo_mcafee_virtual_technicianRange≤1.0.7

mcafeeepo_mcafee_virtual_technicianMatch1.0

mcafeeepo_mcafee_virtual_technicianMatch1.0.4.0

VendorProductVersionCPE
mcafeemcafee_virtual_technician*cpe:2.3:a:mcafee:mcafee_virtual_technician:*:*:*:*:*:*:*:*
mcafeeepo_mcafee_virtual_technician*cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:*:*:*:*:*:*:*:*
mcafeeepo_mcafee_virtual_technician1.0cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0:*:*:*:*:*:*:*
mcafeeepo_mcafee_virtual_technician1.0.4.0cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0.4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mcafee	mcafee_virtual_technician	*	cpe:2.3:a:mcafee:mcafee_virtual_technician::::::::
mcafee	epo_mcafee_virtual_technician	*	cpe:2.3:a:mcafee:epo_mcafee_virtual_technician::::::::
mcafee	epo_mcafee_virtual_technician	1.0	cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0:::::::*
mcafee	epo_mcafee_virtual_technician	1.0.4.0	cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0.4.0:::::::*