VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-03-02 14:19
Updated : 2018-10-16 09:37
NVD link : CVE-2007-1227
Mitre link : CVE-2007-1227
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
mcafee
- virex