McAfee VirusScan Enterprise (VSEL) 2.0.3 for Linux

CPE Details

McAfee VirusScan Enterprise (VSEL) 2.0.3 for Linux
mcafee
virusscan_enterprise
2.0.3
2020-07-28
13h38 +00:00
2020-07-28
13h38 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:mcafee:virusscan_enterprise:2.0.3:*:*:*:*:linux:*:*

Informations

Vendor

mcafee

Product

virusscan_enterprise

Version

2.0.3

Target Software

linux

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-7337 2020-12-09 08h40 +00:00 Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
6.7
Medium
CVE-2016-8016 2017-03-14 21h00 +00:00 Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
3.4
Low
CVE-2016-8017 2017-03-14 21h00 +00:00 Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
4.1
Medium
CVE-2016-8018 2017-03-14 21h00 +00:00 Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
4.3
Medium
CVE-2016-8019 2017-03-14 21h00 +00:00 Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
6.1
Medium
CVE-2016-8020 2017-03-14 21h00 +00:00 Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.
8
High
CVE-2016-8021 2017-03-14 21h00 +00:00 Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
5
Medium
CVE-2016-8022 2017-03-14 21h00 +00:00 Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
7.5
High
CVE-2016-8023 2017-03-14 21h00 +00:00 Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
8.1
High
CVE-2016-8024 2017-03-14 21h00 +00:00 Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
8.1
High
CVE-2016-8025 2017-03-14 21h00 +00:00 SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
6.2
Medium
CVE-2015-8577 2015-12-16 17h00 +00:00 The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
2.6
CVE-2010-5143 2012-08-22 10h00 +00:00 McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module.
2.6
CVE-2009-5118 2012-08-22 08h00 +00:00 Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share.
9.3
CVE-2009-1348 2009-04-30 18h00 +00:00 The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
7.6