Secunia Advisory: SA18169
Release Date: 2005-12-21
Critical: Highly critical
Impact: Manipulation of data
System access
Where: From remote
Solution Status: Vendor Patch
Software: McAfee SecurityCenter 6.x
McAfee VirusScan 4.x
McAfee VirusScan 8.x/2004
McAfee VirusScan 9.x/2005
McAfee VirusScan Professional 7.x
McAfee VirusScan Professional 8.x
CVE reference: CVE-2005-3657
Description:
Peter Vreugdenhil has reported a vulnerability in McAfee SecurityCenter, which can potentially be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by an error in restricting the browser domain in which the "mcinsctl.dll" ActiveX control can be instantiated. The control contains the "MCINSTALL.McLog" object, which can be used to write to a log file. This can be exploited to create or append to arbitrary files, potentially allowing arbitrary code execution by creating files in the user's startup folder.
Successful exploitation requires that the user is, for example, tricked into visiting a malicious website.
The vulnerability has been reported in "mcinsctl.dll" version 4.0.0.83, which is included with McAfee VirusScan. Other products that contain the vulnerable ActiveX control may also be affected.
Solution:
The vulnerability has reportedly been fixed via automatic update.
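Because the fix arrives via automatic update, it is worth confirming what is actually installed on a host. The following PowerShell audit is an added example, not part of the original advisory or vendor tooling: it resolves the control named above to its DLL, compares the file version with the reported 4.0.0.83, and checks whether an Internet Explorer kill bit is set for it. It assumes "MCINSTALL.McLog" is registered as a COM ProgID; the advisory does not state a fixed version, so any other version is reported for review rather than declared safe.

```powershell
# Added example, not vendor or Secunia code. Names and version come from the advisory.
$ProgId          = 'MCINSTALL.McLog'     # assumption: registered as a COM ProgID
$ReportedVersion = [version]'4.0.0.83'   # mcinsctl.dll version named in the advisory
$KillBit         = 0x400                 # kill-bit value in IE "Compatibility Flags"

function Get-RegValue([string]$Key, [string]$Name = '') {
    # Return a registry value (the default value when $Name is empty), or nothing if absent.
    if (Test-Path -LiteralPath $Key) { (Get-Item -LiteralPath $Key).GetValue($Name) }
}

function Get-McLogAudit {
    $result = [ordered]@{
        ProgId = $ProgId; Registered = $false; Clsid = $null; DllPath = $null
        FileVersion = $null; IsReportedVersion = $false; KillBitSet = $false
    }
    # ProgID -> CLSID. No CLSID means the control is not registered in this registry view.
    $clsid = Get-RegValue "Registry::HKEY_CLASSES_ROOT\$ProgId\CLSID"
    if (-not $clsid) { return [pscustomobject]$result }
    $result.Registered = $true
    $result.Clsid      = $clsid

    # CLSID -> DLL path, then read the version resource from the binary itself.
    $raw = Get-RegValue "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
    if ($raw) {
        $path = [Environment]::ExpandEnvironmentVariables($raw).Trim('"')
        $result.DllPath = $path
        if (Test-Path -LiteralPath $path -PathType Leaf) {
            $vi  = (Get-Item -LiteralPath $path).VersionInfo
            $ver = New-Object System.Version -ArgumentList `
                $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
            $result.FileVersion       = $ver
            # Only an exact match is flagged; other versions need manual review.
            $result.IsReportedVersion = ($ver -eq $ReportedVersion)
        }
    }

    # Kill bit: when set, Internet Explorer refuses to instantiate this CLSID.
    $compat = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer' +
              "\ActiveX Compatibility\$clsid"
    $flags  = Get-RegValue $compat 'Compatibility Flags'
    $result.KillBitSet = [bool]($flags -band $KillBit)

    [pscustomobject]$result
}

Get-McLogAudit | Format-List
```

On 64-bit Windows, run this from a 32-bit PowerShell session as well, since a 32-bit control is registered in the 32-bit registry view and is not visible to a 64-bit process.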
Provided and/or discovered by:
Peter Vreugdenhil
Changelog:
2005-12-21: Updated list of affected products.
Original Advisory:
iDEFENSE:
http://www.idefense.com/intellig...lnerabilities/display.php?id=358