4 matches found
CVE-2020-3350
CVE-2020-3350 concerns ClamAV (and is referenced in the Cisco/AMP context in the initial doc). A vulnerability allowed a malicious user to trick clamscan, clamdscan or clamonacc into deleting or moving a different file than intended when using the --move or --remove options. The underlying issue ...
CVE-2021-1386
CVE-2021-1386 describes a DLL hijacking vulnerability in Cisco AMP for Endpoints Windows Connector, ClamAV for Windows, and Immunet. The issue arises from insufficient validation of directory search paths at run time, enabling an authenticated, local attacker to place a malicious DLL and execute ...
CVE-2020-3314
Cisco AMP for Endpoints Mac Connector Software contains a file-scan denial-of-service vulnerability (CVE-2020-3314) caused by insufficient input validation of file attributes. A crafted file could crash the scan engine, restart the AMP Connector, and cause DoS of the Cisco AMP for Endpoints servi...
CVE-2021-1280
CVE-2021-1280 describes a DLL hijacking vulnerability in the loading mechanism of specific DLLs used by Cisco AMP for Endpoints (Windows) and Immunet (Windows). An authenticated, local attacker could exploit improper directory search path handling by placing a malicious DLL on the target system, ...