CVE-2006-3961

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2006-3961
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.eeye.com/html/research/upcoming/20060719.html
http://www.securityfocus.com/bid/19265 Patch
http://secunia.com/advisories/21264 Patch Vendor Advisory
http://ts.mcafeehelp.com/faq3.asp?docid=407052
http://securitytracker.com/id?1016614
http://www.eeye.com/html/research/advisories/AD2006807.html
http://www.kb.cert.org/vuls/id/481212 US Government Resource
http://www.osvdb.org/27698
http://www.vupen.com/english/advisories/2006/3096 Vendor Advisory
http://www.securityfocus.com/archive/1/442495/100/100/threaded
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:quickclean:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:quickclean:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:spamkiller:6.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:spamkiller:7.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:personal_firewall_plus:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:personal_firewall_plus:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:quickclean:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:privacy_service:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:spamkiller:5.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:antispyware:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:privacy_service:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:6.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:wireless_home_network_security:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:privacy_service:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:personal_firewall_plus:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:antispyware:2006:*:*:*:*:*:*:*
Information

Published : 2006-08-01 14:04

Updated : 2018-10-17 14:32

NVD link : CVE-2006-3961

Mitre link : CVE-2006-3961

JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa
Products Affected

mcafee

  • internet_security_suite
  • security_center
  • wireless_home_network_security
  • spamkiller
  • antispyware
  • virusscan
  • quickclean
  • privacy_service
  • personal_firewall_plus