Buffer Overflow in McAfee VirusScan Enterprise Affects On-Access Scanner
CVE-2007-2152

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan Enterprise
Vendor: CVE Published:; 19 April 2007

Summary

A buffer overflow vulnerability exists in McAfee VirusScan Enterprise's On-Access Scanner. This issue can be exploited by remote attackers who can craft a long filename containing multi-byte (Unicode) characters. When the On-Access Scanner processes this maliciously constructed filename, it can lead to arbitrary code execution on the affected system. Users are encouraged to apply the latest patches to mitigate the risk associated with this vulnerability.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://www.vupen.com/english/advisories/2007/1435

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/33732

vdb-entryx_refsource_XF

EPSS Score

25% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 19, 2007
Vulnerability Reserved
Apr 19, 2007