Vulnerabilities > Mcafee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-02 | CVE-2007-1226 | Unspecified vulnerability in Mcafee Virex McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files. local mcafee | 4.1 |
| 2006-12-23 | CVE-2006-6707 | Remote Buffer Overflow vulnerability in Mcafee Neotrace and Visual Trace Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. | 7.5 |
| 2006-12-14 | CVE-2006-6474 | Remote Code Execution vulnerability in McAfee VirusScan For Linux Insecure DT_RPATH Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory. | 4.6 |
| 2006-10-20 | CVE-2006-5417 | Remote Denial of Service vulnerability in McAfee Network Agent McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. | 5.0 |
| 2006-10-05 | CVE-2006-5156 | Remote Buffer Overflow vulnerability in Mcafee Epolicy Orchestrator and Protectionpilot Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header. | 10.0 |
| 2006-09-19 | CVE-2006-4886 | Security Bypass vulnerability in Scan Engine The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition. | 3.7 |
| 2006-08-01 | CVE-2006-3961 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mcafee products Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. | 6.8 |
| 2006-07-18 | CVE-2006-3623 | Directory Traversal vulnerability in Mcafee Epolicy Orchestrator Agent 3.5.0 Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. | 5.0 |
| 2006-07-13 | CVE-2006-3575 | Denial-Of-Service vulnerability in Mcafee Virusscan 8.0.0 Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. | 2.1 |
| 2006-04-04 | CVE-2006-0559 | Remote Format String vulnerability in McAfee Webshield SMTP Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed. | 10.0 |