VYPR

Vendor CVEs

McAfee

All CVEs

561 total · sorted by risk
  • CVE-2003-0610Aug 27, 2003
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.

  • CVE-2003-0149Aug 27, 2003
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.

  • CVE-2003-0616Aug 27, 2003
    risk 0.00cvss epss 0.03

    Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.

  • CVE-2002-2282Dec 31, 2002
    risk 0.00cvss epss 0.00

    McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.

  • CVE-2002-1875Dec 31, 2002
    risk 0.00cvss epss 0.00

    Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity.

  • CVE-2001-1456Sep 4, 2001
    risk 0.00cvss epss 0.06

    Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

  • CVE-2001-0612Aug 22, 2001
    risk 0.00cvss epss 0.03

    McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045.

  • CVE-2001-1144Jul 11, 2001
    risk 0.00cvss epss 0.06

    Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.

  • CVE-2000-1130Jan 9, 2001
    risk 0.00cvss epss 0.02

    McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.

  • CVE-2000-1128Jan 9, 2001
    risk 0.00cvss epss 0.00

    The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.

  • CVE-2000-0502Jun 8, 2000
    risk 0.00cvss epss 0.00

    Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.

Page 12 of 12