Vulnerability Details : CVE-2013-7460
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.
Vulnerability category: BypassGain privilege
Products affected by CVE-2013-7460
- cpe:2.3:a:mcafee:application_control:*:*:*:*:*:linux:*:*
- cpe:2.3:a:mcafee:change_control:*:*:*:*:*:linux:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-7460
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-7460
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:P/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2013-7460
-
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7460
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10054
McAfee Security Bulletin – Application Control / Change Control for Linux update fixes a write protection and execution bypass vulnerability (CVE-2013-7460 and CVE-2013-7461)Patch;Vendor Advisory
Jump to