exploitDog

CVE-2007-1227

Опубликовано: 02 мар. 2007

Источник: nvd

CVSS2: 6.6

EPSS Низкий

Описание

VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mcafee:virex:*:-:mac:*:*:*:*:*

Версия до 7.7 (включая)

cpe:2.3:a:mcafee:virex:6.2:-:mac:*:*:*:*:*

EPSS

Процентиль: 32%

0.00123

Низкий

6.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-m8fv-wcrv-8j2h

github

почти 4 года назад

VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.

EPSS

Процентиль: 32%

0.00123

Низкий

6.6 Medium

CVSS2

Дефекты

CWE-264