McAfee Security-as-a-Service (SaaS) < 5.2.2 ActiveX Controls Arbitrary Code Execution (SB10016)

high Nessus Plugin ID 57728

Synopsis

The remote Windows host has ActiveX controls installed that could be abused to execute arbitrary code remotely.

Description

Multiple ActiveX controls, installed on the remote Windows host as part of McAfee Security-as-a-Service (SaaS) / Total Protection Service, are potentially affected by the following issues:

- A flaw in the MyAsUtil.dll ActiveX control can be exploited to execute arbitrary commands.

- A flaw in the myCIOScn.dll ActiveX control can be exploited to write arbitrary data to a file on the affected computer.

Solution

Upgrade to McAfee SaaS Endpoint Protection 5.2.2 or later.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=SB10016

http://dvlabs.tippingpoint.com/advisory/TPTI-11-12

http://dvlabs.tippingpoint.com/advisory/TPTI-11-13

Plugin Details

Severity: High

ID: 57728

File Name: mcafee_saas_522_multiple_vulns.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 1/30/2012

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:mcafee:saas_endpoint_protection

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 8/4/2011

Vulnerability Publication Date: 8/8/2011

Reference Information

CVE: CVE-2011-3006, CVE-2011-3007

BID: 49088

MCAFEE-SB: SB10016