Lucene search

K
kasperskyKaspersky LabKLA10484
HistoryFeb 23, 2015 - 12:00 a.m.

KLA10484 Interface spoofing vulnerability in McAfee Agent

2015-02-2300:00:00
Kaspersky Lab
threats.kaspersky.com
16

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.4%

An unspecified vulnerability was found in McAfee Agent. By exploiting this vulnerability malicious users conduct clicjacking attack. This vulnerability can be exploited remotely via a specially designed web page.

Original advisories

McAfee bulletin

Related products

McAfee-Agent

CVE list

CVE-2015-2053 warning

Solution

Update to latest version!

Get McAFee Agent

Impacts

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • McAfee Agent versions earlier than 4.8.0 Patch 3McAfee Agent version 5.0.0

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.4%