The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Max CVSS
2.6
EPSS Score
0.05%
Published
2015-12-16
Updated
2016-05-26
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2015-09-18
Updated
2015-09-22
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2017-09-08
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2017-09-08
Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2014-10-30
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2014-10-30
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2014-10-30
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2014-10-30
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2014-10-30
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-10-29
Updated
2014-11-19
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
Max CVSS
2.1
EPSS Score
0.10%
Published
2012-08-22
Updated
2017-08-29
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module.
Max CVSS
2.6
EPSS Score
0.04%
Published
2012-08-22
Updated
2012-08-22
McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
Max CVSS
2.1
EPSS Score
0.04%
Published
2009-08-21
Updated
2017-08-17
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields.
Max CVSS
2.1
EPSS Score
0.04%
Published
2006-07-13
Updated
2018-10-18
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-06-08
Updated
2017-10-10
15 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!