Mcafee: Security Vulnerabilities
Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.
CVSS Score
5.0
EPSS Score
0.053
Published
2001-07-11
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-01-09
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-06-08
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
CVSS Score
7.2
EPSS Score
0.01
Published
1999-12-22
Page 61