[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255716

 
 

909

 
 

198991

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-8577Date: (C)2015-12-21   (M)2023-12-22


The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.6
Exploit Score: 1.9
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
  
Reference:
BID-78810
http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations
http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/
https://kc.mcafee.com/corporate/index?page=content&id=SB10142

CPE    1
cpe:/a:mcafee:virusscan_enterprise
CWE    1
CWE-264

© SecPod Technologies