McAfee Security Scan Plus < 3.11.474.2 Multiple Vulnerabilities (TS102593 / TS102614)
High Nessus Plugin ID 100130
Synopsis
The security application installed on the remote Windows host is affected by multiple vulnerabilities.
Description
The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.474.2. It is, therefore, affected by multiple vulnerabilities:
- A privilege escalation vulnerability exists in McUICnt.exe due to certain DLL files being loaded from the same directory as signed binaries that are scanned using a class object from McComponentHostService.McCompHost. A local attacker can exploit this to gain SYSTEM privileges. (CVE-2016-8008)
- A local command execution vulnerability exists in the internal API due to a flaw that allows programs to be executed using the RunProgramEx() function in a class object loaded from McComponentHostService.McCompHost. A local attacker can exploit this to execute commands with SYSTEM privileges. (CVE-2016-8026)
Solution
Upgrade to McAfee Security Scan Plus version 3.11.474.2 or later.