Vulnerabilites related to mcafee - security_center
Vulnerability from fkie_nvd
Published
2007-05-10 00:19
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | security_center | 4.3 | |
| mcafee | security_center | 6.0 | |
| mcafee | security_center | 6.0.22 | |
| mcafee | security_center | 7.0 | |
| mcafee | security_center | 7.1 | |
| mcafee | security_center | 7.2 | |
| mcafee | securitycenter_agent | 6.0 | |
| mcafee | virusscan | 10.0.27 | |
| mcafee | virusscan | 2004 | |
| mcafee | virusscan | 2005 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DD547C9C-9D50-49ED-8EFE-1DD7484DDED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "210F5447-4FC7-4278-9F2A-C64BBB5A86DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "BECBD40D-ACBD-4E88-B230-ECFE98FD9F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E42B079-DC23-43AC-9437-62B97C88EF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "449EAAD6-C4B6-4EC9-9059-1D447C1D60F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D27864F9-A378-4690-9C17-C3B6A55135F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:securitycenter_agent:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC64577D-EFD8-4D30-B95A-D26075CFD063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan:10.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "8CC6DF56-10C0-4682-B466-EBBC3640DCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9B7B07-E3EF-4185-927C-CE308829B9A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "F58D6A2F-AC08-4C1D-9ABF-4D675A1E87AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n IsOldAppInstalled del control ActiveX McSubMgr.McSubMgr Subscription Manager (MCSUBMGR.DLL) en McAfee SecurityCenter anterior a 6.0.25 y 7.x anterior a 7.2.147 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento manipulado."
}
],
"id": "CVE-2007-2584",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-10T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35874"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25173"
},
{
"source": "cve@mitre.org",
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=419189"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23888"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23909"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018028"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1717"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=419189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-01 21:04
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | antispyware | 2005 | |
| mcafee | antispyware | 2006 | |
| mcafee | internet_security_suite | 2004 | |
| mcafee | internet_security_suite | 2005 | |
| mcafee | internet_security_suite | 2006 | |
| mcafee | personal_firewall_plus | 2004 | |
| mcafee | personal_firewall_plus | 2005 | |
| mcafee | personal_firewall_plus | 2006 | |
| mcafee | privacy_service | 2004 | |
| mcafee | privacy_service | 2005 | |
| mcafee | privacy_service | 2006 | |
| mcafee | quickclean | 2004 | |
| mcafee | quickclean | 2005 | |
| mcafee | quickclean | 2006 | |
| mcafee | security_center | 4.3 | |
| mcafee | security_center | 6.0 | |
| mcafee | security_center | 6.0.22 | |
| mcafee | security_center | 6.0.23 | |
| mcafee | spamkiller | 5.0 | |
| mcafee | spamkiller | 6.0 | |
| mcafee | spamkiller | 7.0 | |
| mcafee | virusscan | 2004 | |
| mcafee | virusscan | 2005 | |
| mcafee | virusscan | 2006 | |
| mcafee | wireless_home_network_security | 2006 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:antispyware:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "B862ADF2-A544-4729-9EE4-D140C58D6AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antispyware:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "5350EE37-53D7-4DFB-84FC-0FA6A7C1C123",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0A7659-25FF-4E18-B2BA-34F6FD6410F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "7E69BB96-F48B-43DA-BA7B-530E5148CCC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3E0836-557F-46C8-BBDE-955D3AEBB6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "5F62AF06-16DD-4C6C-BD48-BFA08629739C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "134C4C4F-92A0-4B89-B06A-4FB8D9513AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:privacy_service:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0F945365-B065-44A6-8CEC-2CBCE4DD23C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:privacy_service:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "DB1AC389-8BBF-4784-ABCD-99E379AC6B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:privacy_service:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "8E03296D-5FC1-450D-BC05-6F6E9A90CF77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:quickclean:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "931427A2-B69B-4418-8374-854A5F9420DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:quickclean:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "E19A9E38-E637-487A-BC06-F0CA6481E7EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:quickclean:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3B1863-DBB3-4458-899B-CEEAD9275B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DD547C9C-9D50-49ED-8EFE-1DD7484DDED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "210F5447-4FC7-4278-9F2A-C64BBB5A86DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "BECBD40D-ACBD-4E88-B230-ECFE98FD9F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_center:6.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "A82098C7-30FE-464E-891F-868A0209D9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:spamkiller:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0652B16C-7D9A-4743-AB54-6F205CA1E76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:spamkiller:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CBC8F91-2534-4DAC-BDE3-AE49E19A6A8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:spamkiller:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B33F2AC-4BBE-4DE0-A61E-378972011BB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9B7B07-E3EF-4185-927C-CE308829B9A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "F58D6A2F-AC08-4C1D-9ABF-4D675A1E87AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E96246D-3184-4BBB-8675-9B1CBE0B977C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:wireless_home_network_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "3B3DC47F-853B-44B0-BD8B-C2EE4530B333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, y QuickClean permite a atacantes con la intervenci\u00f3n del usuario ejecutar comandos de su elecci\u00f3n a trav\u00e9s de par\u00e1ametros string, los cuales son posteriormente usados en vsprintf."
}
],
"id": "CVE-2006-3961",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-08-01T21:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21264"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016614"
},
{
"source": "cve@mitre.org",
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
},
{
"source": "cve@mitre.org",
"url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.eeye.com/html/research/upcoming/20060719.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/481212"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27698"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19265"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eeye.com/html/research/upcoming/20060719.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/481212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27698"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/19265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3096"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-2584 (GCVE-0-2007-2584)
Vulnerability from cvelistv5
Published
2007-05-09 22:00
Modified
2024-08-07 13:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1018028 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/23888 | vdb-entry, x_refsource_BID | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528 | third-party-advisory, x_refsource_IDEFENSE | |
| http://osvdb.org/35874 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/25173 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/1717 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34179 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/23909 | vdb-entry, x_refsource_BID | |
| http://ts.mcafeehelp.com/faq3.asp?docid=419189 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018028"
},
{
"name": "23888",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23888"
},
{
"name": "20070508 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"
},
{
"name": "35874",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35874"
},
{
"name": "25173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25173"
},
{
"name": "ADV-2007-1717",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1717"
},
{
"name": "mcafee-mcsubmgr-activex-bo(34179)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"
},
{
"name": "23909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23909"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=419189"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018028",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018028"
},
{
"name": "23888",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23888"
},
{
"name": "20070508 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"
},
{
"name": "35874",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35874"
},
{
"name": "25173",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25173"
},
{
"name": "ADV-2007-1717",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1717"
},
{
"name": "mcafee-mcsubmgr-activex-bo(34179)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"
},
{
"name": "23909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23909"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=419189"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2584",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018028"
},
{
"name": "23888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23888"
},
{
"name": "20070508 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"
},
{
"name": "35874",
"refsource": "OSVDB",
"url": "http://osvdb.org/35874"
},
{
"name": "25173",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25173"
},
{
"name": "ADV-2007-1717",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1717"
},
{
"name": "mcafee-mcsubmgr-activex-bo(34179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"
},
{
"name": "23909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23909"
},
{
"name": "http://ts.mcafeehelp.com/faq3.asp?docid=419189",
"refsource": "CONFIRM",
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=419189"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2584",
"datePublished": "2007-05-09T22:00:00",
"dateReserved": "2007-05-09T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3961 (GCVE-0-2006-3961)
Vulnerability from cvelistv5
Published
2006-08-01 21:00
Modified
2024-08-07 18:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/19265 | vdb-entry, x_refsource_BID | |
| http://www.eeye.com/html/research/upcoming/20060719.html | x_refsource_MISC | |
| http://securitytracker.com/id?1016614 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/442495/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/27698 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2006/3096 | vdb-entry, x_refsource_VUPEN | |
| http://www.eeye.com/html/research/advisories/AD2006807.html | x_refsource_MISC | |
| http://ts.mcafeehelp.com/faq3.asp?docid=407052 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/21264 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/481212 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19265",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19265"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/upcoming/20060719.html"
},
{
"name": "1016614",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016614"
},
{
"name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
},
{
"name": "27698",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27698"
},
{
"name": "ADV-2006-3096",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3096"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
},
{
"name": "21264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21264"
},
{
"name": "VU#481212",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/481212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19265",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19265"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/research/upcoming/20060719.html"
},
{
"name": "1016614",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016614"
},
{
"name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
},
{
"name": "27698",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27698"
},
{
"name": "ADV-2006-3096",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3096"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
},
{
"name": "21264",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21264"
},
{
"name": "VU#481212",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/481212"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19265",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19265"
},
{
"name": "http://www.eeye.com/html/research/upcoming/20060719.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/upcoming/20060719.html"
},
{
"name": "1016614",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016614"
},
{
"name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"
},
{
"name": "27698",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27698"
},
{
"name": "ADV-2006-3096",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3096"
},
{
"name": "http://www.eeye.com/html/research/advisories/AD2006807.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/advisories/AD2006807.html"
},
{
"name": "http://ts.mcafeehelp.com/faq3.asp?docid=407052",
"refsource": "CONFIRM",
"url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"
},
{
"name": "21264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21264"
},
{
"name": "VU#481212",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/481212"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3961",
"datePublished": "2006-08-01T21:00:00",
"dateReserved": "2006-08-01T00:00:00",
"dateUpdated": "2024-08-07T18:48:39.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}