McAfee.NeoTrace.ActiveX.Control.Buffer.Overflow
Description
The NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express and NeoTrace Pro (aka McAfee Visual Trace) have a stack based buffer overflow vulnerability. A remote attacker could execute arbitrary code on a vulnerable system, with the privileges of the victim, by sending a long argument string to the TraceTarget method.
Affected Products
McAfee NeoTrace Professional 3.25
McAfee NeoTrace Express 3.25
Impact
System compromise, remote code execution.
Recommended Actions
Currently we are not aware of any official fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |