Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Anti-virus_plus | Mcafee | - (including) | - (including) |
| Endpoint_security | Mcafee | 10.2 (including) | 10.2 (including) |
| Host_intrusion_prevention | Mcafee | * | 8.0 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_1 (including) | 8.0-patch_1 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_2 (including) | 8.0-patch_2 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_3 (including) | 8.0-patch_3 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_4 (including) | 8.0-patch_4 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_5 (including) | 8.0-patch_5 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_6 (including) | 8.0-patch_6 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_7 (including) | 8.0-patch_7 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_8 (including) | 8.0-patch_8 (including) |
| Host_intrusion_prevention | Mcafee | 8.0-patch_9 (including) | 8.0-patch_9 (including) |
| Internet_security | Mcafee | - (including) | - (including) |
| Total_protection | Mcafee | - (including) | - (including) |
| Virus_scan_enterprise | Mcafee | * | 8.8 (including) |
| Virus_scan_enterprise | Mcafee | 8.8-patch_9 (including) | 8.8-patch_9 (including) |