ActiveX Control Vulnerability in McAfee Virtual Technician
CVE-2012-5879

Currently unrated

Key Information:

Vendor

Mcafee
Status
Mcafee Virtual Technician
Vendor
CVE Published:
28 March 2013

What is CVE-2012-5879?

An issue exists in the ActiveX control found in McHealthCheck.dll within McAfee Virtual Technician and ePO-MVT versions 6.5.0.2101 and earlier, where remote attackers can exploit a flaw in the Save method. This flaw allows unauthorized users to create or modify arbitrary files due to improper handling of full pathname arguments. Such vulnerabilities can lead to significant security risks, including the potential for system compromise and data integrity issues.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1028357
vdb-entryx_refsource_SECTRACK
http://archives.neohapsis.com/archives/bugtraq/2013-03/01...
mailing-listx_refsource_BUGTRAQ

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.