Mcafee : Security Vulnerabilities, CVEs, Published In 2011 (XSS)
The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the MyASUtil.InstallInfo.RunUserProgram function, and possibly conduct other unspecified attacks.
Max CVSS
6.8
EPSS Score
1.17%
Published
2011-08-10
Updated
2017-08-29
1 vulnerabilities found