OSVDB ID: 27698

Title: McAfee Multiple Products SecurityCenter Subscription Manager ActiveX (McSubMgr.dll) IsAppExpired Overflow

Dates

Disclosure: Aug 01, 2006
Discovery: Jul 19, 2006
Exploit: Unknown
Solution: Aug 01, 2006

Description

An overflow exists in several McAfee products that use the SecurityCenter module. A component of this module, the "SecurityCenter Subscription Manager ActiveX control" (McSubMgr.dll), fails to handle an overly long string (more than 3000 bytes) passed to its 'IsAppExpired' member, resulting in a stack overflow. By tricking a user into opening a specially crafted web page, an attacker can execute arbitrary commands, resulting in a loss of integrity and/or availability.

Classification

Location: Remote / Network Access, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Security Software

Solution

Upgrade to version 6.0.23 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

McAfee

Wireless Home Network Security: 2006
VirusScan: 2004, 2005, 2006
SpamKiller: 2004, 2005, 2006
SecurityCenter: 6.0.22, 6.0, 4.3
QuickClean: 2004, 2005, 2006
Privacy Service: 2004, 2005, 2006
Personal Firewall Plus: 2004, 2005, 2006
Internet Security Suite: 2004, 2005, 2006
AntiSpyware: 2005, 2006

References

Credit

  • Karl Lynn


Direct URL: http://osvdb.org/27698