12 matches found
McAfee VirusScan Enterprise Elevation of Privilege Vulnerability
McAfee VirusScan Enterprise VSE is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. An elevation of privilege vulnerability exists in versions prior ...
CVE-2020-7267
Privilege Escalation vulnerability in McAfee VirusScan Enterprise VSE for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved...
CVE-2016-8021
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file...
CVE-2016-8025
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter...
CVE-2016-8023
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie...
CVE-2016-8019
Cross-site scripting XSS vulnerability in attributes in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input...
McAfee VirusScan Enterprise CRLF Injection Vulnerability
McAfee VirusScan Enterprise is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A CRLF injection vulnerability exists in VirusScan Enterprise for Lin...
McAfee VirusScan Enterprise SQL Injection Vulnerability
McAfee VirusScan Enterprise is a suite of antivirus software from the American company McAfee. The software provides a full range of security protection, scans memory for malicious code and optimizes updates for remote systems. A SQL injection vulnerability exists in VirusScan Enterprise for Linu...
McAfee Virus Scan Enterprise For Linux Remote Code Execution
Source: https://nation.state.actor/mcafee.html Vulnerabilities CVE-2016-8016: Remote Unauthenticated File Existence Test CVE-2016-8017: Remote Unauthenticated File Read with Constraints CVE-2016-8018: No Cross-Site Request Forgery Tokens CVE-2016-8019: Cross Site Scripting CVE-2016-8020:...
McAfee Virus Scan Enterprise for Linux 1.9.2 2.0.2 - Remote Code Execution
McAfee Virus Scan Enterprise for Linux 1.9.2 2.0.2 - Remote Code Execution ''' Source: https://nation.state.actor/mcafee.html Vulnerabilities CVE-2016-8016: Remote Unauthenticated File Existence Test CVE-2016-8017: Remote Unauthenticated File Read with Constraints CVE-2016-8018: No Cross-Site...
McAfee Releases Security Bulletin for Virus Scan Enterprise
McAfee has released a security bulletin to address multiple vulnerabilities in Virus Scan Enterprise software versions 2.0.3 and earlier. Some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review McAfee...
The vulnerability of the McAfee VirusScan Enterprise anti-virus software allows a hacker to bypass both DEP and ASLR protection mechanisms.
The vulnerability of the McAfee VirusScan Enterprise antivirus software is related to the allocation of memory with read, write, and execute permissions at certain addresses on a 32-bit platform, during the protection of external applications. Exploiting this vulnerability could allow an attacker...