McAfee Security Scan Plus < 3.11.599.3 LiveSafe Non-certificate-based Authentication HTTP Backend-response Handling MitM Registry Value Manipulation (TS102723)

The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.599.3. It is, therefore, affected by a flaw in the non-certificate-based authentication mechanism that is triggered during the handling of HTTP backend-responses. This may allow a man-in-the-middle...

CVE-2017-3897

A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus MSS+ versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response...

CVE-2017-3897

The CVE-2017-3897 entry affects McAfee LiveSafe (older than 16.0.3) and McAfee Security Scan Plus (MSS+) older than 3.11.599.3. It is a code-injection vulnerability in the non‑certificate‑based authentication mechanism that can be triggered by a HTTP backend‑response, allowing a network attacker ...

McAfee Security Scan Plus - Remote Command Execution

McAfee Security Scan Plus - Remote Command Execution Vulnerability Summary The following advisory describes a Remote Code Execution found in McAfee Security Scan Plus. An active network attacker could launch a man-in-the-middle attack on a plaintext-HTTP response to a client to run any residing...