McAfee Virtual Technician McHealthCheck.dll ActiveX Control Save() Method Arbitrary File Overwrite (SB10040)
High Nessus Plugin ID 65942
Synopsis: An ActiveX control installed on the remote Windows host can be abused to overwrite arbitrary files.
Description: The remote Windows host has a version of the McAfee Virtual Technician / ePolicy Orchestrator McHealthCheck.dll ActiveX control that allows arbitrary files to be corrupted / overwritten due to a flaw in the Save() method.
If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, this issue could be leveraged to overwrite files, potentially leading to remote code execution.
Solution: Upgrade to McAfee Virtual Technician 7.1 / ePolicy Orchestrator 1.1.0 or later.