McAfee SaaS MyCioScan ShowReport Remote Command Execution
This module exploits a vulnerability found in McAfee Security-as-a-Service. The ShowReport function located in the myCIOScn.dll ActiveX component fails to check the FileName argument, and passes it on to a ShellExecuteW function, therefore allows any malicious attacker to execute any process that...