7 matches found
CVE-2022-37025
CVE-2022-37025 affects McAfee Security Scan Plus (MSS+) prior to 4.1.262.1. The vulnerability is described as improper privilege management that could let a local user modify a configuration file and perform a LOLBin (Living off the Land) attack, enabling elevated permissions and potential arbitr...
CVE-2017-3897
The CVE-2017-3897 entry affects McAfee LiveSafe (older than 16.0.3) and McAfee Security Scan Plus (MSS+) older than 3.11.599.3. It is a code-injection vulnerability in the non‑certificate‑based authentication mechanism that can be triggered by a HTTP backend‑response, allowing a network attacker ...
CVE-2016-8008
CVE-2016-8008 affects McAfee Security Scan Plus (SSP) on Windows 7/10, where SSP version 3.11.376 is vulnerable to privilege escalation. The root cause is a local DLL-loading issue in McUICnt.exe that allows loading a replacement version.dll, enabling a local attacker to gain SYSTEM privileges. M...
CVE-2015-8993
CVE-2015-8993 affects Intel Security CloudAV (Beta) prior to 0.5.0.151.3. The issue allows a preexisting crafted malware to be executed during installation or uninstallation, momentarily compromising the product; normal operation is not affected. Root cause: malicious file execution during instal...
CVE-2015-8991
CVE-2015-8991 concerns Intel/MCAfee Security Scan Plus (MSS+) prior to version 3.11.266.3. The vulnerability is a malicious file execution flaw that can be triggered during installation or uninstallation by preexisting crafted malware, while normal operation remains unaffected. The OpenVAS entry ...
CVE-2016-8026
McAfee Security Scan Plus (SSP)
CVE-2015-8992
The CVE-2015-8992 entry applies to Intel Security WebAdvisor versions before 4.0.2, 4.0.1 and 3.7.2 . The vulnerability arises from a flaw that allows a crafted malware payload to be executed during installation or uninstallation, making the product momentarily vulnerable. The issue does not affe...