RSS   Vulnerabilities for 'Application control'   RSS

2017-03-14
 
CVE-2016-8010

 

 
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.

 
 
CVE-2016-8009

 

 
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.

 
 
CVE-2014-9920

 

 
Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances.

 
 
CVE-2013-7461

 

 
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.

 
 
CVE-2013-7460

 

 
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.

 
2016-01-12
 
CVE-2016-1715

 

 
The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location.

 
2012-08-22
 
CVE-2012-4593

CWE-264
 

 
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.

 

 >>> Vendor: Mcafee 107 Products
Virusscan
Remote desktop 32
Asap virusscan
Webshield smtp
Epolicy orchestrator
Entercept agent
Antivirus engine
Freescan
Security installer control system
Internet security suite
Intrushield security management system
Mcinsctl.dll
Virusscan security center
Common management agent
Virusscan enterprise
Virex
Epolicy orchestrator agent
Antispyware
Personal firewall plus
Privacy service
Quickclean
Security center
Spamkiller
Wireless home network security
Scan engine
Protectionpilot
E-business server
Network agent
Neotrace
Visual trace
Securitycenter agent
Agent
CMA
Mcafee framework
Encrypted usb manager
Safeboot device encryption
Active virus defense
Active virusscan
Email gateway
Securityshield for email servers
Securityshield for microsoft isa server
Securityshield for microsoft sharepoint
Total protection
Total protection for endpoint
Virusscan commandline
Virusscan plus
Virusscan usb
Groupshield
Smartfilter
Email and web security appliance
Intrushield network security manager
Secure mail
Unified threat management firewall firmware
Saas endpoint protection
Gateway
Web gateway
Linuxshield
Host data loss prevention
Firewall reporter
Email and web security
Enterprise mobility manager
Enterprise mobility manager agent
Application control
Change control
Mcafee virtual technician
Epo mcafee virtual technician
Total protection 2010
Vulnerability manager
Superscan
Cloud identity manager
Cloud single sign on
Asset manager
Network security manager
Network data loss prevention
Endpoint encryption for files and folders
Mcafee file and removable media protection
File and removable media protection
Data loss prevention endpoint
Mcafee agent
Advanced threat defense
Epo deep command
Threat intelligence exchange
Enterprise security manager
Enterprise security manager/log manager
Enterprise security manager/receiver
Mcafee enterprise security manager
File lock
Livesafe
Active response
Data exchange layer
Endpoint security
Host intrusion prevention
Smartfilter administration
Security information and event management
Security scan plus
Host intrusion prevention services
Cloud analysis and deconstructive services
Security webadvisor
Cloud av
Saas control console platform
See all Products for Vendor Mcafee


Copyright 2017, cxsecurity.com

 

Back to Top