ActiveX Control Vulnerability in McAfee Virtual Technician
CVE-2012-5879

Currently unrated

Key Information:

Vendor: Mcafee
Status: Mcafee Virtual Technician
Vendor: CVE Published:; 28 March 2013

Summary

An issue exists in the ActiveX control found in McHealthCheck.dll within McAfee Virtual Technician and ePO-MVT versions 6.5.0.2101 and earlier, where remote attackers can exploit a flaw in the Save method. This flaw allows unauthorized users to create or modify arbitrary files due to improper handling of full pathname arguments. Such vulnerabilities can lead to significant security risks, including the potential for system compromise and data integrity issues.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1028357

vdb-entryx_refsource_SECTRACK

http://archives.neohapsis.com/archives/bugtraq/2013-03/01...

mailing-listx_refsource_BUGTRAQ

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 28, 2013