Security Bypass in McAfee VirusScan Enterprise and Scan Engine
CVE-2006-4886

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan Enterprise; Scan Engine
Vendor: CVE Published:; 19 September 2006

Summary

The On-Access Scan component of McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 is susceptible to a vulnerability that enables local privileged users to circumvent security protocols. By manipulating the program interface in a rapid sequence, users can disable the On-Access Scan feature via the task bar, exposing systems to potential threats. This issue arises from a race condition in the user interface, allowing unintended access and modification of critical security settings.

References

http://securityreason.com/securityalert/1605

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/446220/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/28971

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 19, 2006
Vulnerability Reserved
Sep 19, 2006