CVE-2009-5115 | Vulnerability Database | Aqua Security

McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.

Affected Software

Name	Vendor	Start Version	End Version
Common_management_agent	Mcafee	3.6.0.595	3.6.0.595
Common_management_agent	Mcafee	3.5.5.580	3.5.5.580
Common_management_agent	Mcafee	3.6.0.603	3.6.0.603
Common_management_agent	Mcafee	3.6.0.574	3.6.0.574
Common_management_agent	Mcafee	3.6.0.569	3.6.0.569
Common_management_agent	Mcafee	3.6.0.453	3.6.0.453
Common_management_agent	Mcafee	3.5.5.568	3.5.5.568
Common_management_agent	Mcafee	3.6.0.546	3.6.0.546
Common_management_agent	Mcafee	3.5.5.577	3.5.5.577
Common_management_agent	Mcafee	3.6.0.438	3.6.0.438
Common_management_agent	Mcafee	3.5.5.438	3.5.5.438
Common_management_agent	Mcafee	3.5.5.588	3.5.5.588

References

https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002
https://exchange.xforce.ibmcloud.com/vulnerabilities/78446

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-5115
CWE	https://cwe.mitre.org/data/definitions/264.html