Lucene search

MitreCVE-2007-1226

HistoryMar 02, 2007 - 10:19 p.m.

CVE-2007-1226

2007-03-0222:19:00

mitre

web.nvd.nist.gov

mcafee

virusscan

mac

virex

weak permissions

vulnerability

file scanning

cve-2007-1226

CVSS2

4.1

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

Percentile

10.0%

JSON

McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files.

Affected configurations

Nvd

Node

mcafeevirexRange≤7.7macintosh

VendorProductVersionCPE
mcafeevirex*cpe:2.3:a:mcafee:virex:*:*:macintosh:*:*:*:*:*

Vendor	Product	Version	CPE
mcafee	virex	*	cpe:2.3:a:mcafee:virex:::macintosh:::::*

References

osvdb.org/33798

secunia.com/advisories/24337

securityreason.com/securityalert/2342

www.securityfocus.com/archive/1/461485/100/0/threaded

www.securityfocus.com/bid/22744

www.securitytracker.com/id?1017707

www.vupen.com/english/advisories/2007/0777

knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=518722&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=518722

CVSS2

4.1

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

Percentile

10.0%

JSON

Related for CVE-2007-1226