Remote Code Execution in McAfee SaaS Endpoint Protection via ActiveX Control
CVE-2011-3007
Currently unrated
Summary
The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection versions 5.2.1 and earlier allows remote attackers to write to arbitrary files. By manipulating the MyCioScan.Scan.ReportFile parameter, an attacker can specify attacker-chosen filenames and inject harmful scripts into log files. This can ultimately enable arbitrary code execution through the MyCioScan.Scan.Start method, posing a serious risk to user systems.