Memory Corruption Vulnerability in McAfee VirusScan Enterprise
CVE-2016-8030

4.3MEDIUM

Key Information:

Vendor: Mcafee
Status: Virusscan Enterprise
Vendor: CVE Published:; 25 April 2017

What is CVE-2016-8030?

A memory corruption issue exists within the Scriptscan COM Object of McAfee VirusScan Enterprise 8.8 Patch 8 and earlier. This vulnerability allows remote attackers to craft specific HTML links that, when accessed through an active Internet Explorer tab, can lead to a Denial of Service condition. By exploiting this flaw, attackers can disrupt the functionality of the affected software, illustrating the importance of promptly addressing such vulnerabilities to maintain system integrity.

Affected Version(s)

VirusScan Enterprise 8.8 Patch 8 and earlier

References

http://www.securityfocus.com/bid/98041

vdb-entryx_refsource_BID

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2017
Vulnerability Reserved
Sep 9, 2016

Mcafee

What is CVE-2016-8030?

Affected Version(s)

References

CVSS V3.1

Timeline