Buffer Overflow in McAfee SecurityCenter Subscription Manager ActiveX Control
CVE-2007-2584

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan; Security Center; Securitycenter Agent
Vendor: CVE Published:; 10 May 2007

Summary

A buffer overflow exists in the IsOldAppInstalled function of the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) found in McAfee SecurityCenter. This vulnerability permits remote attackers to exploit crafted arguments to execute arbitrary code, potentially compromising the security of affected systems. Specific versions that remain susceptible to this vulnerability include those prior to 6.0.25 and 7.x before 7.2.147.

References

http://www.securitytracker.com/id?1018028

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/23888

vdb-entryx_refsource_BID

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 10, 2007
Vulnerability Reserved
May 9, 2007