McAfee VirusScan Enterprise (VSE) 8.8 Patch 4 for Windows

CPE Details

McAfee VirusScan Enterprise (VSE) 8.8 Patch 4 for Windows
mcafee
virusscan_enterprise
8.8
2020-05-15
12h23 +00:00
2020-05-15
12h23 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*

Informations

Vendor

mcafee

Product

virusscan_enterprise

Version

8.8

Update

patch4

Target Software

windows

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-7337 2020-12-09 08h40 +00:00 Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
6.7
Medium
CVE-2020-7280 2020-06-10 11h52 +00:00 Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.
7.8
High
CVE-2019-3588 2020-06-10 11h47 +00:00 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
6.8
Medium
CVE-2019-3585 2020-06-10 11h42 +00:00 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
7.8
High
CVE-2020-7267 2020-05-08 12h25 +00:00 Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
8.8
High
CVE-2015-8577 2015-12-16 17h00 +00:00 The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
2.6
CVE-2009-1348 2009-04-30 18h00 +00:00 The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
7.6