CVE-2009-5115

McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.

Affected Software

Name	Vendor	Start Version	End Version
Common_management_agent	Mcafee	3.5.5.438 (including)	3.5.5.438 (including)
Common_management_agent	Mcafee	3.5.5.568 (including)	3.5.5.568 (including)
Common_management_agent	Mcafee	3.5.5.577 (including)	3.5.5.577 (including)
Common_management_agent	Mcafee	3.5.5.580 (including)	3.5.5.580 (including)
Common_management_agent	Mcafee	3.5.5.588 (including)	3.5.5.588 (including)
Common_management_agent	Mcafee	3.6.0.438 (including)	3.6.0.438 (including)
Common_management_agent	Mcafee	3.6.0.453 (including)	3.6.0.453 (including)
Common_management_agent	Mcafee	3.6.0.546 (including)	3.6.0.546 (including)
Common_management_agent	Mcafee	3.6.0.569 (including)	3.6.0.569 (including)
Common_management_agent	Mcafee	3.6.0.574 (including)	3.6.0.574 (including)
Common_management_agent	Mcafee	3.6.0.595 (including)	3.6.0.595 (including)
Common_management_agent	Mcafee	3.6.0.603 (including)	3.6.0.603 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-5115
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References