Описание
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-8577
- https://kc.mcafee.com/corporate/index?page=content&id=SB10142
- http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations
- http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations
- http://www.securityfocus.com/bid/78810
EPSS
CVE ID
Связанные уязвимости
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Уязвимость антивирусного программного средства McAfee VirusScan Enterprise, позволяющая нарушителю обойти механизм защиты DEP и ASLR
EPSS