3 matches found
CVE-2011-3007
CVE-2011-3007 affects McAfee SaaS Endpoint Protection (ActiveX control myCIOScn.dll) versions 5.2.1 and earlier. The vulnerability arises in the MyCioScan.Scan.ReportFile parameter, which allows remote attackers to specify an arbitrary filename, enabling writing to arbitrary files. Documented imp...
CVE-2011-3006
The CVE-2011-3006 entry concerns the MyAsUtil ActiveX control (MyAsUtil5.2.0.603.dll) in McAfee SaaS Endpoint Protection, affected in 5.2.1 and earlier. The vulnerability arises in the MyAsUtil.SecureObjectFactory.CreateSecureObject domain policy, which can be bypassed via a cross-site scripting ...
CVE-2011-5101
The CVE-2011-5101 entry concerns the Rumor technology in McAfee SaaS Endpoint Protection (pre-5.2.4). The available documents specify that this component allows remote attackers to relay email messages via unspecified vectors, demonstrated by relaying spam. The exact affected versions are McAfee ...