Vulnerabilites related to mcafee - security_webadvisor
CVE-2015-8991 (GCVE-0-2015-8991)
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Malicious file execution vulnerability
Summary
Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | McAfee Security Scan+ (MSS+) |
Version: before 3.11.266.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee Security Scan+ (MSS+)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "before 3.11.266.3"
}
]
}
],
"datePublic": "2015-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Malicious file execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2015-8991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee Security Scan+ (MSS+)",
"version": {
"version_data": [
{
"version_value": "before 3.11.266.3"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Malicious file execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462",
"refsource": "MISC",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2015-8991",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8993 (GCVE-0-2015-8993)
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Malicious file execution vulnerability
Summary
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | CloudAV (Beta) |
Version: before 0.5.0.151.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudAV (Beta)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "before 0.5.0.151.3"
}
]
}
],
"datePublic": "2015-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Malicious file execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2015-8993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudAV (Beta)",
"version": {
"version_data": [
{
"version_value": "before 0.5.0.151.3"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Malicious file execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462",
"refsource": "MISC",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2015-8993",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8992 (GCVE-0-2015-8992)
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Malicious file execution vulnerability
Summary
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | WebAdvisor |
Version: before 4.0.2, 4.0.1 and 3.7.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebAdvisor",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "before 4.0.2, 4.0.1 and 3.7.2"
}
]
}
],
"datePublic": "2015-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Malicious file execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2015-8992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebAdvisor",
"version": {
"version_data": [
{
"version_value": "before 4.0.2, 4.0.1 and 3.7.2"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Malicious file execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462",
"refsource": "MISC",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2015-8992",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | security_webadvisor | 3.7.2 | |
| mcafee | security_webadvisor | 4.0.1 | |
| mcafee | security_webadvisor | 4.0.2 | |
| mcafee | cloud_av | - | |
| mcafee | security_scan_plus | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB888A8-EE45-4DF3-BD5B-1FB4B18DDC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93820F52-CCB6-4999-948D-3D2120622EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8598A38-6CE3-4E06-A3AF-FB7CFFE32E60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:cloud_av:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9555C8AA-3873-4377-9CE9-FDE9C3D72E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_scan_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39058A15-0DFB-4B45-8F60-054D9E18F236",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de archivos maliciosos en Intel Security WebAdvisor en versiones anteriores a 4.0.2, 4.0.1 y 3.7.2 permite a atacantes hacer que el producto sea moment\u00e1neamente vulnerable a trav\u00e9s de la ejecuci\u00f3n de malware preexistente espec\u00edficamente manipulado durante la instalaci\u00f3n o desinstalaci\u00f3n, pero no durante el funcionamiento normal."
}
],
"id": "CVE-2015-8992",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.540",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | security_webadvisor | 3.7.2 | |
| mcafee | security_webadvisor | 4.0.1 | |
| mcafee | security_webadvisor | 4.0.2 | |
| mcafee | cloud_av | - | |
| mcafee | security_scan_plus | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB888A8-EE45-4DF3-BD5B-1FB4B18DDC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93820F52-CCB6-4999-948D-3D2120622EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8598A38-6CE3-4E06-A3AF-FB7CFFE32E60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:cloud_av:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9555C8AA-3873-4377-9CE9-FDE9C3D72E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_scan_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39058A15-0DFB-4B45-8F60-054D9E18F236",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de archivos maliciosos en Intel Security CloudAV (Beta) en versiones anteriores a 0.5.0.151.3 permite a atacantes hacer que el producto sea moment\u00e1neamente vulnerable a trav\u00e9s de la ejecuci\u00f3n de malware preexistente espec\u00edficamente manipulado durante la instalaci\u00f3n o desinstalaci\u00f3n, pero no durante el funcionamiento normal."
}
],
"id": "CVE-2015-8993",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.570",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | security_webadvisor | 3.7.2 | |
| mcafee | security_webadvisor | 4.0.1 | |
| mcafee | security_webadvisor | 4.0.2 | |
| mcafee | cloud_av | - | |
| mcafee | security_scan_plus | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB888A8-EE45-4DF3-BD5B-1FB4B18DDC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93820F52-CCB6-4999-948D-3D2120622EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8598A38-6CE3-4E06-A3AF-FB7CFFE32E60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:cloud_av:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9555C8AA-3873-4377-9CE9-FDE9C3D72E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:security_scan_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39058A15-0DFB-4B45-8F60-054D9E18F236",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de archivos maliciosos en Intel Security McAfee Security Scan+ (MSS+) en versiones anteriores a 3.11.266.3 permite a los atacantes hacer que el producto sea moment\u00e1neamente vulnerable a trav\u00e9s de la ejecuci\u00f3n de malware espec\u00edfico preexistente durante la instalaci\u00f3n o desinstalaci\u00f3n, pero no durante el funcionamiento normal."
}
],
"id": "CVE-2015-8991",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.507",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}