Information Disclosure in McAfee FreeScan ActiveX Object
CVE-2004-1908

Currently unrated

Key Information:

Vendor: Mcafee
Status: Freescan
Vendor: CVE Published:; 31 December 2004

Summary

The McAfee FreeScan ActiveX object contains a vulnerability that permits remote attackers to exploit the GetSpecialFolderLocation function. When certain parameters are utilized, this can lead to the unauthorized retrieval of sensitive information from the affected system. Users of McAfee FreeScan 1 should ensure to apply necessary patches and updates to mitigate potential risks.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2004-A...

mailing-listx_refsource_FULLDISC

http://marc.info/?l=bugtraq&m=108137545531496&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/15782

vdb-entryx_refsource_XF

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Dec 31, 2004