McAfee.MCINSCTL.DLL.ActiveX.Control.File.Overwrite
Description
This indicates an attack attempt against an arbitrary file overwrite vulnerability in McAfee VirusScan Security Center.
The vulnerability exists in the ActiveX control in MCINSCTL.DLL. It is caused by the failure to use the ObjectSafetySiteLock API to restrict access to required domains. It may allow a remote attacker to create and modify arbitrary files.
Affected Products
McAfee VirusScan 9.0
McAfee VirusScan 8.0
McAfee VirusScan 7.1
McAfee VirusScan 7.0
McAfee VirusScan 6.0
McAfee VirusScan 5.0
McAfee VirusScan 4.5.1
McAfee VirusScan 4.5
McAfee VirusScan 4.0.3
McAfee VirusScan 4.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
McAfee has fixed this issue.
Please update the product automatically or manually.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |