Vulnerabilities > CVE-2018-6687 - Infinite Loop vulnerability in Mcafee Getsusp 3.0.0.461

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
mcafee
CWE-835

Summary

Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows.

Vulnerable Configurations

Part Description Count
Application
Mcafee
1
OS
Microsoft
1

Talos

idTALOS-2017-0509
last seen2019-05-29
published2019-02-20
reporterTalos Intelligence
sourcehttp://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0509
titleMcAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability