Vendor CVEs
McAfee
All CVEs
561 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0610 | 0.00 | — | 0.02 | Aug 27, 2003 | Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | |||
| CVE-2003-0149 | 0.00 | — | 0.04 | Aug 27, 2003 | Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | |||
| CVE-2003-0616 | 0.00 | — | 0.03 | Aug 27, 2003 | Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. | |||
| CVE-2002-2282 | 0.00 | — | 0.00 | Dec 31, 2002 | McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. | |||
| CVE-2002-1875 | 0.00 | — | 0.00 | Dec 31, 2002 | Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity. | |||
| CVE-2001-1456 | 0.00 | — | 0.06 | Sep 4, 2001 | Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | |||
| CVE-2001-0612 | 0.00 | — | 0.03 | Aug 22, 2001 | McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | |||
| CVE-2001-1144 | 0.00 | — | 0.06 | Jul 11, 2001 | Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. | |||
| CVE-2000-1130 | 0.00 | — | 0.02 | Jan 9, 2001 | McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment. | |||
| CVE-2000-1128 | 0.00 | — | 0.00 | Jan 9, 2001 | The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory. | |||
| CVE-2000-0502 | 0.00 | — | 0.00 | Jun 8, 2000 | Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |
- CVE-2003-0610Aug 27, 2003risk 0.00cvss —epss 0.02
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.
- CVE-2003-0149Aug 27, 2003risk 0.00cvss —epss 0.04
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.
- CVE-2003-0616Aug 27, 2003risk 0.00cvss —epss 0.03
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
- CVE-2002-2282Dec 31, 2002risk 0.00cvss —epss 0.00
McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.
- CVE-2002-1875Dec 31, 2002risk 0.00cvss —epss 0.00
Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity.
- CVE-2001-1456Sep 4, 2001risk 0.00cvss —epss 0.06
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
- CVE-2001-0612Aug 22, 2001risk 0.00cvss —epss 0.03
McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045.
- CVE-2001-1144Jul 11, 2001risk 0.00cvss —epss 0.06
Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.
- CVE-2000-1130Jan 9, 2001risk 0.00cvss —epss 0.02
McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
- CVE-2000-1128Jan 9, 2001risk 0.00cvss —epss 0.00
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
- CVE-2000-0502Jun 8, 2000risk 0.00cvss —epss 0.00
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.
Page 12 of 12