Issue: MA doesn't block local users from modifying the event logs before sharing them with the ePO server. Issue: User with valid credentials can perform a DLL preloading attack with unsigned DLLs. Issue: Unauthorized use of maconfig.exe allows exposure of sensitive information to low privileged users. Issue: DLL injection into MA process FrmInst, mcupdater, UpdaterUI, and McScanCheck via the Appinit_Dll method. Issue: A memory corruption vulnerability exists in the libma_msgbus library that's used by the MA software. Issue: Privilege Escalation vulnerability while running mfemactl.exe. Issue: Side loading vulnerability in mfemactl. Issue: Resolves a privilege escalation vulnerability. Issue: Resolves a command injection vulnerability where a local user injects an arbitrary shell code into the cleanup.exe file. Issue: PSIR-288 - McAfee Agent - Storing Passwords in a Recoverable Format Issue: PSIR-409 SQL Injection to execute system commands vulnerability. Issue: MA Local Privilege Escalation vulnerability. Issue: An uncontrolled search path vulnerability is seen on Windows. Issue: The heap-based buffer overflow vulnerability. Issue: An improper preservation of permission vulnerability is seen on Windows.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |