Medium severity5.9NVD Advisory· Published Mar 14, 2017· Updated May 13, 2026

CVE-2014-9920

Description

Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances.

Affected products

McAfee/Application Control6 versions
cpe:2.3:a:mcafee:application_control:6.0.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:mcafee:application_control:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:application_control:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:application_control:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:application_control:6.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:application_control:6.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:application_control:6.1.3:*:*:*:*:*:*:*
Intel/McAfee Application Control (MAC)v5
Range: 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kc.mcafee.com/corporate/indexnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000