Overview
- Description
- Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances.
- Source
- secure@intel.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-284
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1E9C4E2-83FC-4408-85DB-AB5035A3DDE5"
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3687C94A-5D6C-47B2-B348-133BD053E16F"
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BC98A2C-2971-4DE1-8AB3-A8082DA604A4"
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5749D867-B568-4063-928E-6BC89DA45C82"
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46648D73-F96C-4A75-A9CB-92B2501A9055"
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEDD14FC-0CAA-445F-B29A-F82FB92393E6"
}
],
"operator": "OR"
}
]
}
]