Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Security_center | Mcafee | 4.3 (including) | 4.3 (including) |
| Security_center | Mcafee | 6.0 (including) | 6.0 (including) |
| Security_center | Mcafee | 6.0.22 (including) | 6.0.22 (including) |
| Security_center | Mcafee | 7.0 (including) | 7.0 (including) |
| Security_center | Mcafee | 7.1 (including) | 7.1 (including) |
| Security_center | Mcafee | 7.2 (including) | 7.2 (including) |
| Securitycenter_agent | Mcafee | 6.0 (including) | 6.0 (including) |
| Virusscan | Mcafee | 10.0.27 (including) | 10.0.27 (including) |
| Virusscan | Mcafee | 2004 (including) | 2004 (including) |
| Virusscan | Mcafee | 2005 (including) | 2005 (including) |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528
- http://osvdb.org/35874
- http://secunia.com/advisories/25173
- http://ts.mcafeehelp.com/faq3.asp?docid=419189
- http://www.securityfocus.com/bid/23888
- http://www.securityfocus.com/bid/23909
- http://www.securitytracker.com/id?1018028
- http://www.vupen.com/english/advisories/2007/1717
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34179
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528
- http://osvdb.org/35874
- http://secunia.com/advisories/25173
- http://ts.mcafeehelp.com/faq3.asp?docid=419189
- http://www.securityfocus.com/bid/23888
- http://www.securityfocus.com/bid/23909
- http://www.securitytracker.com/id?1018028
- http://www.vupen.com/english/advisories/2007/1717
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34179