12/21/2005

Highly Critical Vulnerability In McAfee SecurityCenter

Filed under: — By Aviran Mordo @ 9:59 am

Peter Vreugdenhil has reported a vulnerability in McAfee SecurityCenter, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error in restricting the browser domain in which the “mcinsctl.dll” ActiveX control can be instantiated. The control contains the “MCINSTALL.McLog” object that can be used to write to a log file. This can be exploited to create or append to arbitrary files, potentially allowing arbitrary code execution by creating files in the user’s startup folder.

Successful exploitation requires that the user is e.g. tricked into visiting a malicious website.

The vulnerability has been reported in “mcinsctl.dll” version 4.0.0.83 that is included with McAfee VirusScan. Other products that contain the vulnerability ActiveX control may also be affected.

Security website Secunia rates this vulnerability as Highly critical and been reportedly fixed via automatic update.

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress