Vigil@nce - McAfee VirusScan Enterprise: privilege elevation without Access Protection
March 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When the Access Protection feature is disabled, a local attacker
can use a vulnerability of McAfee VirusScan Enterprise, in order
to execute code with system privileges.
Impacted products: VirusScan
Severity: 2/4
Creation date: 26/02/2013
DESCRIPTION OF THE VULNERABILITY
When the Access Protection feature is disabled, a local attacker
can use a vulnerability of McAfee VirusScan Enterprise, in order
to execute code with system privileges.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN