McAfee VirusScan Enterprise 8.0.0 Buffer Overflow

2006.07.14

Credit: johndoe1529 yahoo com

Risk: High

Local: Yes

Remote: No

CVE: CVE-2006-3575

CWE: CWE-Other

CVSS Base Score: 2.1/10

Impact Subscore: 2.9/10

Exploitability Subscore: 3.9/10

Exploit range: Local

Attack complexity: Low

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Partial

A local Buffer Overflow was discovered in McAfee VirusScan Enterprise 8.0.0.

The overflow can be triggered within the "Buffer OverFlow Protection Properties" by creating a buffer overflow exclusion. Then fill each field

with data, and click ok, and apply

Process name: AAAAAAAAAAAAAAAAA......etc

Module name: AAAAAAAAAAAAAAAAAA......etc

API name: AAAAAAAAAAAAAAAAAAAAA......etc

This will trigger various exceptions based on amount of data added to each field.

This will DoS the AV . McAfee AV will not run correctly again until Buffer Overflow Protection is disabled or the Buffer Overflow Exclusion is removed.

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

McAfee VirusScan Enterprise 8.0.0 Buffer Overflow

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

McAfee VirusScan Enterprise 8.0.0 Buffer Overflow

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.