Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-14 | CVE-2016-8021 | Improper Verification of Cryptographic Signature vulnerability in Mcafee Virusscan Enterprise Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | 5.0 |
| 2017-03-14 | CVE-2016-8020 | Code Injection vulnerability in Mcafee Virusscan Enterprise Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter. | 8.0 |
| 2017-03-14 | CVE-2016-8019 | Cross-site Scripting vulnerability in Mcafee Virusscan Enterprise Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input. | 6.1 |
| 2017-03-14 | CVE-2016-8018 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Virusscan Enterprise Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | 4.3 |
| 2017-03-14 | CVE-2016-8017 | Improper Input Validation vulnerability in Mcafee Virusscan Enterprise Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. | 4.1 |
| 2017-03-14 | CVE-2016-8016 | Information Exposure vulnerability in Mcafee Virusscan Enterprise Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | 3.4 |
| 2017-03-14 | CVE-2016-8012 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get. | 7.8 |
| 2017-03-14 | CVE-2016-8011 | Cross-site Scripting vulnerability in Intel Security Mcafee Endpoint Security web Control 10.2.0.408 Cross-site scripting vulnerability in Intel Security McAfee Endpoint Security (ENS) Web Control before 10.2.0.408.10 allows attackers to inject arbitrary web script or HTML via a crafted web site. | 6.1 |
| 2017-03-14 | CVE-2016-8010 | Improper Access Control vulnerability in Mcafee Application Control and Endpoint Security Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | 7.8 |
| 2017-03-14 | CVE-2016-8009 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Application Control Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | 7.8 |