McAfee VirusScan Enterprise Security Bypass Vulnerability (Windows) Network Vulnerability

Summary

This host is installed with McAfee VirusScan Enterprise and is prone to security bypass vulnerability.

Impact

Successful exploitation will allow attackers to execute arbitrary code via malware that is correctly detected by this product. Impact Level: System/Application

Solution

Apply patch from below link, http://go.microsoft.com/fwlink/?LinkId=194729 ***** NOTE: Ignore this warning, if above mentioned patch is applied. *****

Insight

Does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center.

Affected

McAfee VirusScan Enterprise versions 8.5i and 8.7i

References

http://cxsecurity.com/cveshow/CVE-2010-3496
http://osvdb.org/75185
https://kc.mcafee.com/corporate/index?page=content&id=SB10012

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3496

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Apple iTunes Multiple Vulnerabilities - Apr10
Apache Tomcat AJP Request Remote Denial Of Service Vulnerability
Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)

Take action and discover your vulnerabilities