Unrated severityNVD Advisory· Published Aug 22, 2012· Updated Jun 16, 2026
CVE-2012-4586
CVE-2012-4586
Description
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
Affected products
6cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:*
- (no CPE)range: >=5.0, <5.5 Patch 6 & >=5.6, <5.6 Patch 3
cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*
- (no CPE)range: <7.0 Patch 1
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexnvdVendor Advisory
News mentions
0No linked articles in our index yet.