Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.
Weakness
The product does not properly verify that the source of data or communication is valid.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Application_change_control | Mcafee | * | 7.0.2 (including) |
| Application_change_control | Mcafee | 8.0.0 (including) | 8.0.0 (including) |
| Application_change_control | Mcafee | 8.0.0-hotfix1 (including) | 8.0.0-hotfix1 (including) |
| Application_change_control | Mcafee | 8.0.0-hotfix2 (including) | 8.0.0-hotfix2 (including) |
| Application_change_control | Mcafee | 8.0.0-hotfix3 (including) | 8.0.0-hotfix3 (including) |
| Application_change_control | Mcafee | 8.0.0-hotfix4 (including) | 8.0.0-hotfix4 (including) |
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/111.html
- https://cwe.mitre.org/data/definitions/141.html
- https://cwe.mitre.org/data/definitions/142.html
- https://cwe.mitre.org/data/definitions/160.html
- https://cwe.mitre.org/data/definitions/21.html
- https://cwe.mitre.org/data/definitions/384.html
- https://cwe.mitre.org/data/definitions/385.html
- https://cwe.mitre.org/data/definitions/386.html
- https://cwe.mitre.org/data/definitions/387.html
- https://cwe.mitre.org/data/definitions/388.html
- https://cwe.mitre.org/data/definitions/510.html
- https://cwe.mitre.org/data/definitions/59.html
- https://cwe.mitre.org/data/definitions/60.html
- https://cwe.mitre.org/data/definitions/75.html
- https://cwe.mitre.org/data/definitions/76.html
- https://cwe.mitre.org/data/definitions/89.html