Lucene search

MitreCVE-2007-2584

HistoryMay 10, 2007 - 12:19 a.m.

CVE-2007-2584

2007-05-1000:19:00

mitre

web.nvd.nist.gov

cve-2007-2584

buffer overflow

mcsubmgr

subscription manager

activex control

mcafee securitycenter

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.547

Percentile

97.7%

JSON

Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.

Affected configurations

Nvd

Node

mcafeesecurity_centerMatch4.3

mcafeesecurity_centerMatch6.0

mcafeesecurity_centerMatch6.0.22

mcafeesecurity_centerMatch7.0

mcafeesecurity_centerMatch7.1

mcafeesecurity_centerMatch7.2

mcafeesecuritycenter_agentMatch6.0

mcafeevirusscanMatch10.0.27

mcafeevirusscanMatch2004

mcafeevirusscanMatch2005

VendorProductVersionCPE
mcafeesecurity_center4.3cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*
mcafeesecurity_center6.0cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*
mcafeesecurity_center6.0.22cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*
mcafeesecurity_center7.0cpe:2.3:a:mcafee:security_center:7.0:*:*:*:*:*:*:*
mcafeesecurity_center7.1cpe:2.3:a:mcafee:security_center:7.1:*:*:*:*:*:*:*
mcafeesecurity_center7.2cpe:2.3:a:mcafee:security_center:7.2:*:*:*:*:*:*:*
mcafeesecuritycenter_agent6.0cpe:2.3:a:mcafee:securitycenter_agent:6.0:*:*:*:*:*:*:*
mcafeevirusscan10.0.27cpe:2.3:a:mcafee:virusscan:10.0.27:*:*:*:*:*:*:*
mcafeevirusscan2004cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*
mcafeevirusscan2005cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mcafee	security_center	4.3	cpe:2.3:a:mcafee:security_center:4.3:::::::*
mcafee	security_center	6.0	cpe:2.3:a:mcafee:security_center:6.0:::::::*
mcafee	security_center	6.0.22	cpe:2.3:a:mcafee:security_center:6.0.22:::::::*
mcafee	security_center	7.0	cpe:2.3:a:mcafee:security_center:7.0:::::::*
mcafee	security_center	7.1	cpe:2.3:a:mcafee:security_center:7.1:::::::*
mcafee	security_center	7.2	cpe:2.3:a:mcafee:security_center:7.2:::::::*
mcafee	securitycenter_agent	6.0	cpe:2.3:a:mcafee:securitycenter_agent:6.0:::::::*
mcafee	virusscan	10.0.27	cpe:2.3:a:mcafee:virusscan:10.0.27:::::::*
mcafee	virusscan	2004	cpe:2.3:a:mcafee:virusscan:2004:::::::*
mcafee	virusscan	2005	cpe:2.3:a:mcafee:virusscan:2005:::::::*

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=528

osvdb.org/35874

secunia.com/advisories/25173

ts.mcafeehelp.com/faq3.asp?docid=419189

www.securityfocus.com/bid/23888

www.securityfocus.com/bid/23909

www.securitytracker.com/id?1018028

www.vupen.com/english/advisories/2007/1717

exchange.xforce.ibmcloud.com/vulnerabilities/34179

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.547

Percentile

97.7%

JSON

Related for CVE-2007-2584