Buffer Overflow Vulnerability in McAfee VirusScan Enterprise
CVE-2015-8577

Currently unrated

Key Information:

Vendor: Mcafee
Status: Virusscan Enterprise
Vendor: CVE Published:; 16 December 2015

Summary

The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before version 8.8 Patch 6 has a serious vulnerability that leads to the allocation of memory with Read, Write, Execute (RWX) permissions at predictable memory addresses on 32-bit systems. This flaw allows malicious actors to bypass essential security mechanisms like Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR), exposing the affected software to potential attacks that could compromise the system's integrity.

References

http://www.securityfocus.com/bid/78810

vdb-entryx_refsource_BID

http://breakingmalware.com/vulnerabilities/sedating-watch...

x_refsource_MISC

http://blog.ensilo.com/the-av-vulnerability-that-bypasses...

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2015
Vulnerability Reserved
Dec 16, 2015