CVE-2012-5879

Published Mar 28, 2013

Last updated 3 months ago

CVSS info 8.2

Overview

Description: An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 8.2
Impact score: 9.5
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:C/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mcafee:mcafee_virtual_technician:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54E24AF5-85AA-4D83-AAA1-59B8C4D91703",
            "versionEndIncluding": "6.5.0.2101"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:mcafee_virtual_technician:6.3.0.1911:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1483D2E-BE0B-45C0-A576-F0150066735F"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E35D5E6-EBA7-41C1-A94B-BB7AE4D15A42",
            "versionEndIncluding": "6.5.0.2101"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "824EC318-D0DC-4D4F-9F30-032BAC76C379"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6316A9A-7DB9-4415-ACCA-B9816AB9F4DD"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E93ADA9B-7678-48D9-976D-9BFF0871ABC9"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DB797A4-F7D8-43AD-AFD4-1F82AB4C78CE"
          },
          {
            "criteria": "cpe:2.3:a:mcafee:epo_mcafee_virtual_technician:1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9763A22-189F-4D46-A835-829A40BD8AC9"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References