Vulnerabilities > Mcafee > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-14 CVE-2016-8017 Improper Input Validation vulnerability in Mcafee Virusscan Enterprise
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
network
low complexity
mcafee CWE-20
4.0
2017-03-14 CVE-2016-8012 Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint
Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get.
local
low complexity
mcafee CWE-264
4.6
2017-03-14 CVE-2016-8010 Improper Access Control vulnerability in Mcafee Application Control and Endpoint Security
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.
local
low complexity
mcafee CWE-284
4.6
2017-03-14 CVE-2016-8009 Permissions, Privileges, and Access Controls vulnerability in Mcafee Application Control
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
local
low complexity
mcafee CWE-264
4.6
2017-03-14 CVE-2016-8005 Permissions, Privileges, and Access Controls vulnerability in Mcafee Email Gateway
File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension.
network
low complexity
mcafee CWE-264
4.0
2017-03-14 CVE-2015-8993 Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
local
mcafee CWE-264
6.9
2017-03-14 CVE-2015-8992 Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
local
mcafee CWE-264
6.9
2017-03-14 CVE-2015-8991 Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor
Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
local
mcafee CWE-264
6.9
2017-03-14 CVE-2015-8990 7PK - Security Features vulnerability in Mcafee Advanced Threat Defense 3.4.2.32/3.4.4.14/3.4.4.142
Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware.
network
low complexity
mcafee CWE-254
5.0
2017-03-14 CVE-2015-8989 Cryptographic Issues vulnerability in Mcafee vulnerability Manager 7.0.11/7.5.4/7.5.5
Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database.
network
low complexity
mcafee CWE-310
4.0