Remote Code Execution Vulnerability in McAfee VirusScan Enterprise by McAfee
CVE-2010-3496

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan Enterprise
Vendor: CVE Published:; 22 August 2012

Summary

The vulnerability relates to the improper handling of hcp:// URLs in versions 8.5i and 8.7i of McAfee VirusScan Enterprise. This flaw enables remote attackers to execute arbitrary code on the system, even when malware is detected by the product. Unfortunately, the detection occurs too late to halt the execution process, posing a significant risk to users. Proper measures should be taken to mitigate this risk, and users are encouraged to apply relevant patches and updates.

References

http://www.securityfocus.com/archive/1/514356

mailing-listx_refsource_BUGTRAQ

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.n00bz.net/antivirus-cve

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 22, 2012