Vulnerabilites related to mcafee - anti-virus_plus
Vulnerability from fkie_nvd
Published
2018-04-03 22:29
Modified
2024-11-21 03:26
Severity ?
5.0 (Medium) - CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:anti-virus_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3320DA-317A-4668-8CB7-B253CF4E26BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:endpoint_security:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA3764B-02A5-4CB8-A2CF-BDEC69A3F1F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B258695-3C79-4EF0-9F57-96867BBCE2B9",
"versionEndIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "551CDFD4-6CB5-478C-87BD-E8FCA2564452",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "3C8C36BD-4C81-43A2-A1B0-FD6FC43D7077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "7507AF42-7435-408F-8D13-12AEB6BD2D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "0DF5032E-F91D-48D8-AAEE-35784BD87778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "22BBD8D0-3D09-4A0C-AF5F-5655329D01E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "143B1FC1-CD35-411F-B67F-4879DCE4531F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "31C16E08-FFB3-426E-9A9F-D496A50F10BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "E096860A-4AA2-4A3F-8B45-998E6E48F175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "91D6F788-8D23-44D8-AFAF-780F45885341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B53E987-4329-4FA9-AC94-0286D64B7E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:total_protection:-:*:*:*:*:*:*:*",
"matchCriteriaId": "251D56EC-7153-451F-A558-92E0F5BFACEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virus_scan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF52F97-EC0A-4CE9-A62B-4881210CA186",
"versionEndIncluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virus_scan_enterprise:8.8:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "6E4B5233-94A6-4E3E-B13B-08C6633BDCF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters."
},
{
"lang": "es",
"value": "Vulnerabilidad de registro maliciosamente configurado en todos los productos Microsoft Windows en productos para consumidores y empresas de McAfee permite que un administrador inyecte c\u00f3digo arbitrario en un proceso McAffee depurado mediante la manipulaci\u00f3n de par\u00e1metros de registro."
}
],
"id": "CVE-2017-4028",
"lastModified": "2024-11-21T03:26:25.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.6,
"impactScore": 4.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-03T22:29:00.523",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "http://www.securityfocus.com/bid/97958"
},
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10193"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-13 09:15
Modified
2024-11-21 04:42
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | anti-virus_plus | * | |
| mcafee | internet_security | * | |
| mcafee | total_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:anti-virus_plus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10E5C397-E68B-4511-85C0-B3252F5601AB",
"versionEndIncluding": "16.0.r22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0229CEC5-62A2-4A9D-B04A-1533F253CDCA",
"versionEndIncluding": "16.0.r22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:total_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F541EBA4-75A9-48C2-9E58-2AE1F90AEC23",
"versionEndIncluding": "16.0r22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalada de privilegios en el cliente de Microsoft Windows en McAfee Total Protection versi\u00f3n 16.0.R22 y anteriores, permite a administradores ejecutar c\u00f3digo arbitrario mediante la colocaci\u00f3n cuidadosa de archivos maliciosos dentro de ubicaciones espec\u00edficas protegidas mediante permiso de administrador."
}
],
"id": "CVE-2019-3648",
"lastModified": "2024-11-21T04:42:17.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-13T09:15:10.877",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648"
},
{
"source": "trellixpsirt@trellix.com",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102984"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-3648
Vulnerability from cvelistv5
Published
2019-11-13 08:55
Modified
2024-08-04 19:12
Severity ?
EPSS score ?
Summary
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee,LLC | McAfee Total Protection |
Version: 16.0.x < 16.0.R22 Refresh 1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102984"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee Total Protection",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "16.0.R22 Refresh 1",
"status": "affected",
"version": "16.0.x",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T19:37:54",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102984"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Implicit loading of DLLs",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2019-3648",
"STATE": "PUBLIC",
"TITLE": "Implicit loading of DLLs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee Total Protection",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "16.0.x",
"version_value": "16.0.R22 Refresh 1"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and earlier allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102984",
"refsource": "CONFIRM",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102984"
},
{
"name": "https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648",
"refsource": "MISC",
"url": "https://safebreach.com/Post/McAfee-All-Editions-MTP-AVP-MIS-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-3648"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3648",
"datePublished": "2019-11-13T08:55:53",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-08-04T19:12:09.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-4028
Vulnerability from cvelistv5
Published
2018-04-03 22:00
Modified
2024-09-17 01:25
Severity ?
EPSS score ?
Summary
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10193 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97958 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | McAfee | McAfee Anti-Virus Plus (AVP) |
Version: 170329 < 29 Mar 2017 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10193"
},
{
"name": "97958",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee Anti-Virus Plus (AVP)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "29 Mar 2017",
"status": "affected",
"version": "170329",
"versionType": "custom"
}
]
},
{
"product": "McAfee Endpoint Security (ENS)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "10.2 DAT V3 DAT 2932.0",
"status": "affected",
"version": "10.2",
"versionType": "custom"
}
]
},
{
"product": "McAfee Host Intrusion Prevention (Host IPS)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "8.0 Patch 9 Hotfix 1188590",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"product": "McAfee Internet Security (MIS)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "29 Mar 2017",
"status": "affected",
"version": "170329",
"versionType": "custom"
}
]
},
{
"product": "McAfee Total Protection (MTP)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "29 Mar 2017",
"status": "affected",
"version": "170329",
"versionType": "custom"
}
]
},
{
"product": "McAfee Virus Scan Enterprise (VSE)",
"vendor": "McAfee",
"versions": [
{
"lessThan": "8.8 Patch 8/9 Hotfix 1187884",
"status": "affected",
"version": "8.8",
"versionType": "custom"
}
]
}
],
"datePublic": "2017-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Maliciously misconfigured registry vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-04T09:57:01",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10193"
},
{
"name": "97958",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97958"
}
],
"source": {
"advisory": "SB10193",
"discovery": "EXTERNAL"
},
"title": "SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2017-05-12T17:00:00.000Z",
"ID": "CVE-2017-4028",
"STATE": "PUBLIC",
"TITLE": "SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee Anti-Virus Plus (AVP)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "170329",
"version_value": "29 Mar 2017"
}
]
}
},
{
"product_name": "McAfee Endpoint Security (ENS)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "10.2",
"version_value": "10.2 DAT V3 DAT 2932.0"
}
]
}
},
{
"product_name": "McAfee Host Intrusion Prevention (Host IPS)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "8.0",
"version_value": "8.0 Patch 9 Hotfix 1188590"
}
]
}
},
{
"product_name": "McAfee Internet Security (MIS)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "170329",
"version_value": "29 Mar 2017"
}
]
}
},
{
"product_name": "McAfee Total Protection (MTP)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "170329",
"version_value": "29 Mar 2017"
}
]
}
},
{
"product_name": "McAfee Virus Scan Enterprise (VSE)",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "8.8",
"version_value": "8.8 Patch 8/9 Hotfix 1187884"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Maliciously misconfigured registry vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10193",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10193"
},
{
"name": "97958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97958"
}
]
},
"source": {
"advisory": "SB10193",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2017-4028",
"datePublished": "2018-04-03T22:00:00Z",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-09-17T01:25:40.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}