Mcafee : Security vulnerabilities, CVEs published in December 2019

Copy

CVE-2019-3667

DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker.

Max CVSS

7.8

EPSS Score

0.07%

Published

2019-12-11

Updated

2019-12-16

CVE-2019-3666

API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site.

Max CVSS

6.5

EPSS Score

0.15%

Published

2019-12-03

Updated

2019-12-12

CVE-2019-3665

Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site.

Max CVSS

6.5

EPSS Score

0.15%

Published

2019-12-03

Updated

2019-12-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!