High severity7.0NVD Advisory· Published Mar 14, 2017· Updated May 13, 2026

CVE-2015-8991

Description

Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.

Affected products

McAfee/Security Webadvisor3 versions
cpe:2.3:a:mcafee:security_webadvisor:3.7.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mcafee:security_webadvisor:3.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:security_webadvisor:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:security_webadvisor:4.0.2:*:*:*:*:*:*:*
McAfee/Cloud Av
cpe:2.3:a:mcafee:cloud_av:-:*:*:*:*:*:*:*
McAfee/Security Scan Plus
cpe:2.3:a:mcafee:security_scan_plus:-:*:*:*:*:*:*:*
Intel/McAfee Security Scan+ (MSS+)v5
Range: before 3.11.266.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

service.mcafee.com/webcenter/portal/cp/home/articleviewnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000