VYPR

Virusscan Enterprise

by McAfee

CVEs (29)

  • CVE-2016-8024HigMar 14, 2017
    risk 0.56cvss 8.1epss 0.09

    Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.

  • CVE-2016-8023HigMar 14, 2017
    risk 0.56cvss 8.1epss 0.09

    Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.

  • CVE-2016-8020HigMar 14, 2017
    risk 0.56cvss 8.0epss 0.11

    Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.

  • CVE-2016-8022HigMar 14, 2017
    risk 0.53cvss 7.5epss 0.13

    Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.

  • CVE-2018-6674MedMay 25, 2018
    risk 0.44cvss 6.8epss 0.00

    Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges…

  • CVE-2016-8025MedMar 14, 2017
    risk 0.44cvss 6.2epss 0.07

    SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.

  • CVE-2016-8019MedMar 14, 2017
    risk 0.43cvss 6.1epss 0.04

    Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.

  • CVE-2016-8021MedMar 14, 2017
    risk 0.36cvss 5.0epss 0.03

    Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.

  • CVE-2016-3984MedApr 8, 2016
    risk 0.36cvss 5.1epss 0.01

    The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1…

  • CVE-2017-4028MedApr 3, 2018
    risk 0.33cvss 5.0epss 0.01

    Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.

  • CVE-2016-8018MedMar 14, 2017
    risk 0.31cvss 4.3epss 0.02

    Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.

  • CVE-2016-8017MedMar 14, 2017
    risk 0.30cvss 4.1epss 0.07

    Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.

  • CVE-2016-8030MedApr 25, 2017
    risk 0.28cvss 4.3epss 0.01

    A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.

  • CVE-2016-8016LowMar 14, 2017
    risk 0.25cvss 3.4epss 0.05

    Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.

  • CVE-2016-4534LowMay 5, 2016
    risk 0.23cvss 3.0epss 0.02

    The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.

  • CVE-2005-4505Dec 23, 2005
    risk 0.03cvss epss 0.01

    Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE…

  • CVE-2020-7337Dec 9, 2020
    risk 0.00cvss epss 0.00

    Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via…

  • CVE-2020-7280Jun 10, 2020
    risk 0.00cvss epss 0.00

    Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic…

  • CVE-2019-3588Jun 10, 2020
    risk 0.00cvss epss 0.00

    Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.

  • CVE-2019-3585Jun 10, 2020
    risk 0.00cvss epss 0.00

    Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with…

Page 1 of 2