Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Virusscan_enterprise
(Mcafee)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 29 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-03-14 | CVE-2016-8024 | Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. | Virusscan_enterprise | 8.1 | ||
| 2017-03-14 | CVE-2016-8023 | Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. | Virusscan_enterprise | 8.1 | ||
| 2017-03-14 | CVE-2016-8022 | Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie. | Virusscan_enterprise | 7.5 | ||
| 2017-03-14 | CVE-2016-8021 | Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | Virusscan_enterprise | 5.0 | ||
| 2017-03-14 | CVE-2016-8020 | Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter. | Virusscan_enterprise | 8.0 | ||
| 2017-03-14 | CVE-2016-8019 | Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input. | Virusscan_enterprise | 6.1 | ||
| 2017-03-14 | CVE-2016-8018 | Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | Virusscan_enterprise | 4.3 | ||
| 2017-03-14 | CVE-2016-8017 | Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. | Virusscan_enterprise | 4.1 | ||
| 2017-03-14 | CVE-2016-8016 | Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | Virusscan_enterprise | 3.4 | ||
| 2016-05-05 | CVE-2016-4534 | The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles. | Virusscan_enterprise, Windows | 3.0 |