Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for internet_security_suite by mcafee

    CVE-2009-1348 (GCVE-0-2009-1348)

    Vulnerability from nvd – Published: 2009-04-30 20:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-04-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:24.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
              },
              {
                "name": "34949",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34949"
              },
              {
                "name": "34780",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34780"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
            },
            {
              "name": "34949",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34949"
            },
            {
              "name": "34780",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34780"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1348",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
                },
                {
                  "name": "34949",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34949"
                },
                {
                  "name": "34780",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34780"
                },
                {
                  "name": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html",
                  "refsource": "MISC",
                  "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1348",
        "datePublished": "2009-04-30T20:00:00.000Z",
        "dateReserved": "2009-04-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:24.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5417 (GCVE-0-2006-5417)

    Vulnerability from nvd – Published: 2006-10-20 10:00 – Updated: 2024-08-07 19:48
    VLAI
    Summary
    McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/448546/100… mailing-listx_refsource_BUGTRAQ
    http://securitytracker.com/id?1017057 vdb-entryx_refsource_SECTRACK
    http://securitydot.net/xpl/exploits/vulnerabiliti… x_refsource_MISC
    http://www.securityfocus.com/bid/20496 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/22371 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/1750 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-10-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:48:30.217Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
              },
              {
                "name": "1017057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017057"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
              },
              {
                "name": "20496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20496"
              },
              {
                "name": "mcafee-mcnasvc-dos(29501)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
              },
              {
                "name": "22371",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22371"
              },
              {
                "name": "1750",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1750"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
            },
            {
              "name": "1017057",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017057"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
            },
            {
              "name": "20496",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20496"
            },
            {
              "name": "mcafee-mcnasvc-dos(29501)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
            },
            {
              "name": "22371",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22371"
            },
            {
              "name": "1750",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1750"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5417",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
                },
                {
                  "name": "1017057",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017057"
                },
                {
                  "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html",
                  "refsource": "MISC",
                  "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
                },
                {
                  "name": "20496",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20496"
                },
                {
                  "name": "mcafee-mcnasvc-dos(29501)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
                },
                {
                  "name": "22371",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22371"
                },
                {
                  "name": "1750",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1750"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5417",
        "datePublished": "2006-10-20T10:00:00.000Z",
        "dateReserved": "2006-10-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:48:30.217Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3961 (GCVE-0-2006-3961)

    Vulnerability from nvd – Published: 2006-08-01 21:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/19265 vdb-entryx_refsource_BID
    http://www.eeye.com/html/research/upcoming/200607… x_refsource_MISC
    http://securitytracker.com/id?1016614 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/442495/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/27698 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/3096 vdb-entryx_refsource_VUPEN
    http://www.eeye.com/html/research/advisories/AD20… x_refsource_MISC
    http://ts.mcafeehelp.com/faq3.asp?docid=407052 x_refsource_CONFIRM
    http://secunia.com/advisories/21264 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/481212 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2006-07-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.348Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19265",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19265"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/research/upcoming/20060719.html"
              },
              {
                "name": "1016614",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016614"
              },
              {
                "name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
              },
              {
                "name": "27698",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27698"
              },
              {
                "name": "ADV-2006-3096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3096"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
              },
              {
                "name": "21264",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21264"
              },
              {
                "name": "VU#481212",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/481212"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19265",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19265"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eeye.com/html/research/upcoming/20060719.html"
            },
            {
              "name": "1016614",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016614"
            },
            {
              "name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
            },
            {
              "name": "27698",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27698"
            },
            {
              "name": "ADV-2006-3096",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3096"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
            },
            {
              "name": "21264",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21264"
            },
            {
              "name": "VU#481212",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/481212"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3961",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19265",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19265"
                },
                {
                  "name": "http://www.eeye.com/html/research/upcoming/20060719.html",
                  "refsource": "MISC",
                  "url": "http://www.eeye.com/html/research/upcoming/20060719.html"
                },
                {
                  "name": "1016614",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016614"
                },
                {
                  "name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
                },
                {
                  "name": "27698",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27698"
                },
                {
                  "name": "ADV-2006-3096",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3096"
                },
                {
                  "name": "http://www.eeye.com/html/research/advisories/AD2006807.html",
                  "refsource": "MISC",
                  "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
                },
                {
                  "name": "http://ts.mcafeehelp.com/faq3.asp?docid=407052",
                  "refsource": "CONFIRM",
                  "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
                },
                {
                  "name": "21264",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21264"
                },
                {
                  "name": "VU#481212",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/481212"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3961",
        "datePublished": "2006-08-01T21:00:00.000Z",
        "dateReserved": "2006-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3377 (GCVE-0-2005-3377)

    Vulnerability from nvd – Published: 2005-10-29 19:00 – Updated: 2024-08-07 23:10
    VLAI
    Summary
    Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2005-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:10:08.603Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "15189",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15189"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityelf.org/magicbyte.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityelf.org/magicbyteadv.html"
              },
              {
                "name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityelf.org/updmagic.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "15189",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15189"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityelf.org/magicbyte.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityelf.org/magicbyteadv.html"
            },
            {
              "name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityelf.org/updmagic.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3377",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "15189",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15189"
                },
                {
                  "name": "http://www.securityelf.org/magicbyte.html",
                  "refsource": "MISC",
                  "url": "http://www.securityelf.org/magicbyte.html"
                },
                {
                  "name": "http://www.securityelf.org/magicbyteadv.html",
                  "refsource": "MISC",
                  "url": "http://www.securityelf.org/magicbyteadv.html"
                },
                {
                  "name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
                },
                {
                  "name": "http://www.securityelf.org/updmagic.html",
                  "refsource": "MISC",
                  "url": "http://www.securityelf.org/updmagic.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3377",
        "datePublished": "2005-10-29T19:00:00.000Z",
        "dateReserved": "2005-10-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:10:08.603Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1107 (GCVE-0-2005-1107)

    Vulnerability from nvd – Published: 2005-04-18 04:00 – Updated: 2024-09-16 18:49
    VLAI
    Summary
    McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:35:59.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=233\u0026type=vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-04-18T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=233\u0026type=vulnerabilities"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1107",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=233\u0026type=vulnerabilities"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1107",
        "datePublished": "2005-04-18T04:00:00.000Z",
        "dateReserved": "2005-04-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:49:37.632Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-1348 (GCVE-0-2009-1348)

    Vulnerability from cvelistv5 – Published: 2009-04-30 20:00 – Updated: 2024-08-07 05:13
    VLAI
    Summary
    The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-04-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T05:13:24.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
              },
              {
                "name": "34949",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/34949"
              },
              {
                "name": "34780",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/34780"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-04-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
            },
            {
              "name": "34949",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/34949"
            },
            {
              "name": "34780",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/34780"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-1348",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"
                },
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10001\u0026actp=LIST_RECENT"
                },
                {
                  "name": "34949",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/34949"
                },
                {
                  "name": "34780",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/34780"
                },
                {
                  "name": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html",
                  "refsource": "MISC",
                  "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-1348",
        "datePublished": "2009-04-30T20:00:00.000Z",
        "dateReserved": "2009-04-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T05:13:24.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5417 (GCVE-0-2006-5417)

    Vulnerability from cvelistv5 – Published: 2006-10-20 10:00 – Updated: 2024-08-07 19:48
    VLAI
    Summary
    McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/448546/100… mailing-listx_refsource_BUGTRAQ
    http://securitytracker.com/id?1017057 vdb-entryx_refsource_SECTRACK
    http://securitydot.net/xpl/exploits/vulnerabiliti… x_refsource_MISC
    http://www.securityfocus.com/bid/20496 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/22371 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/1750 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-10-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:48:30.217Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
              },
              {
                "name": "1017057",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017057"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
              },
              {
                "name": "20496",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20496"
              },
              {
                "name": "mcafee-mcnasvc-dos(29501)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
              },
              {
                "name": "22371",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22371"
              },
              {
                "name": "1750",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1750"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
            },
            {
              "name": "1017057",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017057"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
            },
            {
              "name": "20496",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20496"
            },
            {
              "name": "mcafee-mcnasvc-dos(29501)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
            },
            {
              "name": "22371",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22371"
            },
            {
              "name": "1750",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1750"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5417",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061012 Mcafee Network Agent (mcnasvc.exe) Remote DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/448546/100/0/threaded"
                },
                {
                  "name": "1017057",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017057"
                },
                {
                  "name": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html",
                  "refsource": "MISC",
                  "url": "http://securitydot.net/xpl/exploits/vulnerabilities/articles/1659/exploit.html"
                },
                {
                  "name": "20496",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20496"
                },
                {
                  "name": "mcafee-mcnasvc-dos(29501)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29501"
                },
                {
                  "name": "22371",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22371"
                },
                {
                  "name": "1750",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1750"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5417",
        "datePublished": "2006-10-20T10:00:00.000Z",
        "dateReserved": "2006-10-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:48:30.217Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-3961 (GCVE-0-2006-3961)

    Vulnerability from cvelistv5 – Published: 2006-08-01 21:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/19265 vdb-entryx_refsource_BID
    http://www.eeye.com/html/research/upcoming/200607… x_refsource_MISC
    http://securitytracker.com/id?1016614 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/archive/1/442495/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/27698 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/3096 vdb-entryx_refsource_VUPEN
    http://www.eeye.com/html/research/advisories/AD20… x_refsource_MISC
    http://ts.mcafeehelp.com/faq3.asp?docid=407052 x_refsource_CONFIRM
    http://secunia.com/advisories/21264 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/481212 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2006-07-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.348Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19265",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19265"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/research/upcoming/20060719.html"
              },
              {
                "name": "1016614",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016614"
              },
              {
                "name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
              },
              {
                "name": "27698",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/27698"
              },
              {
                "name": "ADV-2006-3096",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3096"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
              },
              {
                "name": "21264",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21264"
              },
              {
                "name": "VU#481212",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/481212"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-07-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19265",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19265"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eeye.com/html/research/upcoming/20060719.html"
            },
            {
              "name": "1016614",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016614"
            },
            {
              "name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
            },
            {
              "name": "27698",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/27698"
            },
            {
              "name": "ADV-2006-3096",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3096"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
            },
            {
              "name": "21264",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21264"
            },
            {
              "name": "VU#481212",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/481212"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-3961",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19265",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19265"
                },
                {
                  "name": "http://www.eeye.com/html/research/upcoming/20060719.html",
                  "refsource": "MISC",
                  "url": "http://www.eeye.com/html/research/upcoming/20060719.html"
                },
                {
                  "name": "1016614",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016614"
                },
                {
                  "name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
                },
                {
                  "name": "27698",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/27698"
                },
                {
                  "name": "ADV-2006-3096",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3096"
                },
                {
                  "name": "http://www.eeye.com/html/research/advisories/AD2006807.html",
                  "refsource": "MISC",
                  "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
                },
                {
                  "name": "http://ts.mcafeehelp.com/faq3.asp?docid=407052",
                  "refsource": "CONFIRM",
                  "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
                },
                {
                  "name": "21264",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21264"
                },
                {
                  "name": "VU#481212",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/481212"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-3961",
        "datePublished": "2006-08-01T21:00:00.000Z",
        "dateReserved": "2006-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-3377 (GCVE-0-2005-3377)

    Vulnerability from cvelistv5 – Published: 2005-10-29 19:00 – Updated: 2024-08-07 23:10
    VLAI
    Summary
    Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2005-10-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:10:08.603Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "15189",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15189"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityelf.org/magicbyte.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityelf.org/magicbyteadv.html"
              },
              {
                "name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityelf.org/updmagic.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-10-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "15189",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15189"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityelf.org/magicbyte.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityelf.org/magicbyteadv.html"
            },
            {
              "name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityelf.org/updmagic.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-3377",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "15189",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15189"
                },
                {
                  "name": "http://www.securityelf.org/magicbyte.html",
                  "refsource": "MISC",
                  "url": "http://www.securityelf.org/magicbyte.html"
                },
                {
                  "name": "http://www.securityelf.org/magicbyteadv.html",
                  "refsource": "MISC",
                  "url": "http://www.securityelf.org/magicbyteadv.html"
                },
                {
                  "name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
                },
                {
                  "name": "http://www.securityelf.org/updmagic.html",
                  "refsource": "MISC",
                  "url": "http://www.securityelf.org/updmagic.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-3377",
        "datePublished": "2005-10-29T19:00:00.000Z",
        "dateReserved": "2005-10-29T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:10:08.603Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1107 (GCVE-0-2005-1107)

    Vulnerability from cvelistv5 – Published: 2005-04-18 04:00 – Updated: 2024-09-16 18:49
    VLAI
    Summary
    McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:35:59.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://www.idefense.com/application/poi/display?id=233\u0026type=vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-04-18T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://www.idefense.com/application/poi/display?id=233\u0026type=vulnerabilities"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1107",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20050418 McAfee Internet Security Suite 2005 Insecure File Permission Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://www.idefense.com/application/poi/display?id=233\u0026type=vulnerabilities"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1107",
        "datePublished": "2005-04-18T04:00:00.000Z",
        "dateReserved": "2005-04-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:49:37.632Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }