2 matches found
McAfee Enterprise Security Manager OS Command Injection Vulnerability (SB10133)
McAfee Enterprise Security Manager ESM is prone to an OS command injection vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2015-7310
McAfee Enterprise Security Manager (ESM), ESMLM, and ESMREC are affected by CVE-2015-7310. Versions prior to 9.3.2MR18, 9.4.x prior to 9.4.2MR8, and 9.5.x prior to 9.5.0MR7 allow remote authenticated users to execute arbitrary OS commands via a crafted filename when downloading a file, due to imp...