Search
Find a vulnerability
Search criteria
10 vulnerabilities found for common_management_agent by mcafee
CVE-2009-5115 (GCVE-0-2009-5115)
Vulnerability from nvd – Published: 2012-08-22 10:00 – Updated: 2024-08-07 07:32
VLAI
EPSS
VEX
Summary
McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-06-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
},
{
"name": "mcafee-cma-file-overwrite(78446)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
},
{
"name": "mcafee-cma-file-overwrite(78446)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
},
{
"name": "mcafee-cma-file-overwrite(78446)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5115",
"datePublished": "2012-08-22T10:00:00.000Z",
"dateReserved": "2012-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:32:22.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5273 (GCVE-0-2006-5273)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2007/2498 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1018363 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/26029 | third-party-advisoryx_refsource_SECUNIA |
| http://www.nessus.org/plugins/index.php?view=sing… | x_refsource_MISC |
| http://www.osvdb.org/36100 | vdb-entryx_refsource_OSVDB |
| http://www.iss.net/threats/269.html | third-party-advisoryx_refsource_ISS |
| https://knowledge.mcafee.com/article/763/613366_f… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/24863 | vdb-entryx_refsource_BID |
Date Public
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "security-management-bo(31164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702",
"refsource": "MISC",
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5273",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5272 (GCVE-0-2006-5272)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI
EPSS
VEX
Summary
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2007/2498 | vdb-entryx_refsource_VUPEN |
| https://knowledge.mcafee.com/article/762/613365_f… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1018363 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/36099 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/26029 | third-party-advisoryx_refsource_SECUNIA |
| http://www.iss.net/threats/269.html | third-party-advisoryx_refsource_ISS |
| http://www.securityfocus.com/bid/24863 | vdb-entryx_refsource_BID |
Date Public
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5272",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5274 (GCVE-0-2006-5274)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:48
VLAI
EPSS
VEX
Summary
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/36101 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/2498 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1018363 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/26029 | third-party-advisoryx_refsource_SECUNIA |
| https://knowledge.mcafee.com/article/764/613367_f… | x_refsource_CONFIRM |
| http://www.iss.net/threats/269.html | third-party-advisoryx_refsource_ISS |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/24863 | vdb-entryx_refsource_BID |
Date Public
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36101",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5274",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:48:28.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4505 (GCVE-0-2005-4505)
Vulnerability from nvd – Published: 2005-12-23 00:00 – Updated: 2024-08-07 23:46
VLAI
EPSS
VEX
Summary
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://reedarvin.thearvins.com/20051222-01.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/420104/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2005/3077 | vdb-entryx_refsource_VUPEN |
| http://securitytracker.com/id?1015404 | vdb-entryx_refsource_SECTRACK |
| http://securityreason.com/securityalert/292 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/16040 | vdb-entryx_refsource_BID |
Date Public
2005-12-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://reedarvin.thearvins.com/20051222-01.html",
"refsource": "MISC",
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4505",
"datePublished": "2005-12-23T00:00:00.000Z",
"dateReserved": "2005-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:46:05.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5115 (GCVE-0-2009-5115)
Vulnerability from cvelistv5 – Published: 2012-08-22 10:00 – Updated: 2024-08-07 07:32
VLAI
EPSS
VEX
Summary
McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2009-06-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:22.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
},
{
"name": "mcafee-cma-file-overwrite(78446)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
},
{
"name": "mcafee-cma-file-overwrite(78446)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
},
{
"name": "mcafee-cma-file-overwrite(78446)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5115",
"datePublished": "2012-08-22T10:00:00.000Z",
"dateReserved": "2012-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:32:22.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5273 (GCVE-0-2006-5273)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI
EPSS
VEX
Summary
Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2007/2498 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1018363 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/26029 | third-party-advisoryx_refsource_SECUNIA |
| http://www.nessus.org/plugins/index.php?view=sing… | x_refsource_MISC |
| http://www.osvdb.org/36100 | vdb-entryx_refsource_OSVDB |
| http://www.iss.net/threats/269.html | third-party-advisoryx_refsource_ISS |
| https://knowledge.mcafee.com/article/763/613366_f… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/24863 | vdb-entryx_refsource_BID |
Date Public
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "security-management-bo(31164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702",
"refsource": "MISC",
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5273",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5272 (GCVE-0-2006-5272)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI
EPSS
VEX
Summary
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2007/2498 | vdb-entryx_refsource_VUPEN |
| https://knowledge.mcafee.com/article/762/613365_f… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1018363 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/36099 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/26029 | third-party-advisoryx_refsource_SECUNIA |
| http://www.iss.net/threats/269.html | third-party-advisoryx_refsource_ISS |
| http://www.securityfocus.com/bid/24863 | vdb-entryx_refsource_BID |
Date Public
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5272",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5274 (GCVE-0-2006-5274)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:48
VLAI
EPSS
VEX
Summary
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.osvdb.org/36101 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/2498 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1018363 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/26029 | third-party-advisoryx_refsource_SECUNIA |
| https://knowledge.mcafee.com/article/764/613367_f… | x_refsource_CONFIRM |
| http://www.iss.net/threats/269.html | third-party-advisoryx_refsource_ISS |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/24863 | vdb-entryx_refsource_BID |
Date Public
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36101",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5274",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:48:28.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4505 (GCVE-0-2005-4505)
Vulnerability from cvelistv5 – Published: 2005-12-23 00:00 – Updated: 2024-08-07 23:46
VLAI
EPSS
VEX
Summary
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://reedarvin.thearvins.com/20051222-01.html | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/420104/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2005/3077 | vdb-entryx_refsource_VUPEN |
| http://securitytracker.com/id?1015404 | vdb-entryx_refsource_SECTRACK |
| http://securityreason.com/securityalert/292 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/16040 | vdb-entryx_refsource_BID |
Date Public
2005-12-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16040"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16040"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://reedarvin.thearvins.com/20051222-01.html",
"refsource": "MISC",
"url": "http://reedarvin.thearvins.com/20051222-01.html"
},
{
"name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
},
{
"name": "mcafee-naprdmgr-privilege-escalation(23815)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
},
{
"name": "ADV-2005-3077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3077"
},
{
"name": "1015404",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015404"
},
{
"name": "292",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/292"
},
{
"name": "16040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16040"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4505",
"datePublished": "2005-12-23T00:00:00.000Z",
"dateReserved": "2005-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:46:05.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}