ActiveX Control Vulnerability in McAfee SaaS Endpoint Protection
CVE-2011-3006

Currently unrated

Key Information:

Vendor

Mcafee
Status
Saas Endpoint Protection
Vendor
CVE Published:
10 August 2011

What is CVE-2011-3006?

The MyAsUtil ActiveX control in the McAfee SaaS Endpoint Protection software contains a vulnerability that allows remote attackers to bypass execution policies and execute arbitrary code through Cross-Site Scripting (XSS) attacks. This attack exploits the MyASUtil.SecureObjectFactory.CreateSecureObject method and can lead to significant security breaches by allowing unauthorized actions within the client's environment. Users of McAfee SaaS Endpoint Protection versions 5.2.1 and earlier are particularly at risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/69094
vdb-entryx_refsource_XF
http://dvlabs.tippingpoint.com/advisory/TPTI-11-12
x_refsource_MISC
https://kc.mcafee.com/corporate/index?page=content&id=SB1...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.