3 matches found
Cross site scripting
The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting XSS attack, execute arbitrary code using the...
CVE-2011-3006
The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting XSS attack, execute arbitrary code using the...
TPTI-11-12: McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability
TPTI-11-12: McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-11-12 August 8, 2011 -- CVSS: 8.3, AV:N/AC:M/Au:N/C:P/I:P/A:C -- Affected Vendors: McAfee -- Affected Products: McAfee...