Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2011-2975

Malware in sbrugna...

6.8CVSS6.4AI score0.01188EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2013-7221

Malware in sbrugna...

7.5CVSS7.6AI score0.01767EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-5001

Malware in sbrugna...

5CVSS6.4AI score0.01218EPSS
Exploits0References3
Prion
Prion
added 2017/03/14 10:59 p.m.18 views

Directory traversal

A directory traversal vulnerability in the web application in McAfee now Intel Security SaaS Control Console SCC Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access...

5CVSS7.2AI score0.01767EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2012/08/22 10:42 a.m.16 views

Design/Logic Flaw

The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 allows remote attackers to relay e-mail messages via unspecified vectors, as demonstrated by relaying spam...

5CVSS7.2AI score0.01218EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2012/08/22 10:42 a.m.3 views

CVE-2011-5101

The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 allows remote attackers to relay e-mail messages via unspecified vectors, as demonstrated by relaying spam...

5CVSS5.6AI score0.01218EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2012/01/17 12:0 a.m.24 views

McAfee SaaS MyCioScan ShowReport - Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "McAfee SaaS...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/08/31 12:0 a.m.24 views

McAfee SaaS Endpoint Protection ActiveX Controls Multiple Code Execution Vulnerabilities

This host is installed with McAfee SaaS Endpoint Protection and is prone to multiple code execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmcafeesaasendpointprotectionmultcodeexecvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ McAfee SaaS Endpoint Protection ActiveX Controls Multiple...

6.8CVSS0.6AI score0.02129EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2011/08/31 12:0 a.m.25 views

McAfee SaaS Endpoint Protection ActiveX Controls Multiple Code Execution Vulnerabilities

McAfee SaaS Endpoint Protection is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.8CVSS7AI score0.02129EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2011/08/31 12:0 a.m.13 views

McAfee SaaS Endpoint Protection Version Detection (Windows)

This script finds the installed McAfee SaaS Endpoint Protection version and saves the result in KB. OpenVAS Vulnerability Test $Id: secpodmcafeesaasendpointprotectiondetect.nasl 7293 2017-09-27 08:49:48Z cfischer $ McAfee SaaS Endpoint Protection Version Detection Windows Authors: Sooraj KS...

7.3AI score
Exploits0
NVD
NVD
added 2011/08/10 8:55 p.m.20 views

CVE-2011-3006

The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting XSS attack, execute arbitrary code using the...

6.8CVSS6.6AI score0.02129EPSS
Exploits0References4
NVD
NVD
added 2011/08/10 8:55 p.m.21 views

CVE-2011-3007

The myCIOScn ActiveX control myCIOScn.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing...

6.8CVSS7AI score0.01188EPSS
Exploits0References4
CVE
CVE
added 2011/08/10 8:0 p.m.48 views

CVE-2011-3006

The CVE-2011-3006 entry concerns the MyAsUtil ActiveX control (MyAsUtil5.2.0.603.dll) in McAfee SaaS Endpoint Protection, affected in 5.2.1 and earlier. The vulnerability arises in the MyAsUtil.SecureObjectFactory.CreateSecureObject domain policy, which can be bypassed via a cross-site scripting ...

6.8CVSS6.7AI score0.02129EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2011/08/10 8:0 p.m.24 views

CVE-2011-3006

The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting XSS attack, execute arbitrary code using the...

6.6AI score0.02129EPSS
Exploits0References4
Cvelist
Cvelist
added 2011/08/10 8:0 p.m.24 views

CVE-2011-3007

The myCIOScn ActiveX control myCIOScn.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing...

7AI score0.01188EPSS
Exploits0References4
seebug.org
seebug.org
added 2011/08/09 12:0 a.m.21 views

McAfee SaaS Endpoint Protection 'MyAsUtil5.2.0.603.dll' ActiveX远程代码执行漏洞

Bugtraq ID: 49088 McAfee SaaS Endpoint Protection是一款提供了用于拦截病毒、间谍软件、Web 威胁和黑客攻击的基本保护功能。 MyAsUtil5.2.0.603.dll提供的ActiveX控件存在安全漏洞。首先跨站脚本可用于绕过MyASUtil.SecureObjectFactory.CreateSecureObject中实现的域执行策略来创建一个MyASUtil.InstallInfo实例,之后MyASUtil.InstallInfo.RunUserProgram可用于在系统上执行代码。另外用户系统上多个其他对象和接口可任意使用这个通用机...

6.9AI score
Exploits0
seebug.org
seebug.org
added 2011/08/09 12:0 a.m.16 views

McAfee SaaS Endpoint Protection 'myCIOScn' ActiveX远程代码执行漏洞

Bugtraq ID: 49087 McAfee SaaS Endpoint Protection是一款提供了用于拦截病毒、间谍软件、Web 威胁和黑客攻击的基本保护功能。 myCIOScn.dll存在缺陷。首先通过ActiveX导出的MyCioScan.Scan.ReportFile参数可设置为任意文件名,包括敏感系统文件和目录,其次,可构建特制的MyCioScan.Scan.Start方法的参数,把恶意脚本注入到在AV扫描结束时创建的日志文件中。组合这两个缺陷可使远程攻击者以浏览器上下文执行任意代码。 0 McAfee SaaS Endpoint Protection 5.2.1...

6.9AI score
Exploits0
Rows per page
Query Builder