Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-1920
HistoryNov 03, 2000 - 12:00 a.m.

McAfee VirusScan 4.5 Unquoted ImagePath Vulnerability

2000-11-0300:00:00
Symantec Security Response
www.symantec.com
12
JSON

Description

The default installation of McAfee VirusScan excludes quotes around the image path (eg. ImagePath=C:\Program Files\Common Files\Network Associates\McShield\McShield.exe). Therefore, if a malicious user were to insert a hostile VB executable file named common.exe in C:\Program Files, it would automatically run upon startup of McShield.exe. The malicious user could perform the action of their choice given that it could be successfully deployed through a VB file. This includes privilege escalation, addition and removal of users, file modification, implanting of trojans and viruses, etc.

Technologies Affected

  • McAfee VirusScan 4.5.0

McAfee has released Service Pack 1 for VirusScan which eliminates this vulnerability.

CPENameOperatorVersion
mcafee virusscaneq4.5.0
JSON