84 matches found
McAfee WebShield SMTP Unsupported
The install of McAfee WebShield SMTP listening on the remote host is no longer supported since the product reached End of Life on March 31, 2010. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security...
CVE-2012-4014
CVE-2012-4014 affects McAfee Email Anti-virus (formerly WebShield SMTP). The vulnerability enables remote denial of service via unspecified vectors; impact is DoS as described by multiple sources. Public details are consistent across NVD, Red Hat, JVN entries, and CVE listings. Remediation is not...
Email Anti-virus (formerly WebShield SMTP) vulnerable to denial-of-service
Overview Email Anti-virus formerly WebShield SMTP provided by McAfee Co., Ltd. contains a denial-of-service DoS vulnerability. Email Anti-virus formerly WebShield SMTP provided by McAfee Co., Ltd. is an anti-virus package that scans emails. Email Anti-virus formerly WebShield SMTP contains a...
McAfee WebShield UI Authentication Bypass (SB10026)
The version of the McAfee WebShield UI hosted on the remote web server is affected by an authentication bypass vulnerability. It is possible to get a valid session ID as the administrative user by making a specially crafted request to /cgi-bin/localadmin. A remote, unauthenticated attacker can...
McAfee WebShield UI mui Directory Traversal (SB10026)
The version of the McAfee WebShield UI hosted on the remote web server is affected by a directory traversal vulnerability. Input passed to the query string of /cgi-bin/mui is not properly sanitized. A remote, unauthenticated attacker can exploit this to read arbitrary files as the apache user...
McAfee WebShield UI Dashboard XSS (SB10026)
The version of the McAfee WebShield UI hosted on the remote web server is affected by a cross-site scripting vulnerability. Extra path information passed to the end of the 'dashboard' script is not properly sanitized. A remote attacker can exploit this by convincing a user into requesting a...
McAfee WebShield Web UI Detection
WebShield Web UI included with products such as McAfee Email Gateway and McAfee Email and Web Security was detected on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58581; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate",...
McAfee WebShield UI ProcessTextFile bodyStyle Parameter XSS (SB10020)
The version of WebShield UI hosted on the remote web server has a reflected cross-site scripting vulnerability. Input to the 'bodyStyle' parameter of ProcessTextFiles is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...
Malware Piggybacks On Anti-Phishing Software
Malware authors have discovered a shortcut to create a Trojan horse program: using components from an anti-phishing product from China-based Zhuhai Kingsoft Software. Symantec researcher Poul Jensen wrote about the malware on that company’s Connect blog on Wednesday. The Trojan package...
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability
Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date2010-4-14 13:42:26 DETAILS: Kavsafe.sys create a...
Kingsoft WebShield privilege escalation
Kernel memory overwrite on IOCTL processing...
Kingsoft WebShield KAVSafe.sys Privilege Escalation
Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date:2010-4-14 13:42:26 DETAILS: Kavsafe.sys create a...
CVE-2010-2031
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device...
CVE-2010-2031
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device...
CVE-2010-2031
CVE-2010-2031 affects KAVSafe.sys 2010.4.14.609 and earlier (used with Kingsoft Webshield 3.5.1.2 and earlier). It allows local users to overwrite arbitrary kernel memory via a crafted IOCTL 0x830020d4 request to the KAVSafe device. The NVD entry documents a local-exploit scenario with a CVSSv2 b...
Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Local Priv
Exploit for linux platform in category local exploits ============================================================================================= Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Priv. Escalation...
Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
/ Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And KAVSafe.sys = 2010.4.14.609 Signature Date2010-4-14 13:42:26 DETAILS: Kavsafe.sys create ...
Kingsoft Webshield KAVSafe.sys 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
Kingsoft Webshield KAVSafe.sys 2010.4.14.609 2010.5.23 - Kernel Mode Privilege Escalation / Kingsoft WebShield KAVSafe.sys = 2010.4.14.6092010.5.23 Kernel Mode Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Kingsoft WebShield = 3.5.1.2 2010.5.23 Signature Date: 2010-5-23 2:33:54 And...
McAfee WebShield SMTP Bounce Message Format String (CVE-2006-0559)
McAfee WebShield SMTP is an application designed to scan incoming SMTP messages for viruses before forwarding them to their destinations. Since WebShield may be set up to work independently of any real SMTP servers, it can act as a partially-featured SMTP server on its own, with respect to...
Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting Remote Command Execution
Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting Remote Command Execution source: https://www.securityfocus.com/bid/35038/info The Webshield feature of Kingsoft Internet Security 9 is prone to a remote cross-site scripting and command-execution vulnerability. Remote attackers may exploit this...