Eitan Caspi

**Name of the Vulnerable Software and Affected Versions** McAfee VirusScan Enterprise version 7.1.0 McAfee Scan Engine version 4.4.00 **Description** The issue allows local privileged users to bypass security restrictions and disable the On-Access Scan option, possibly due to an interface-related race condition. This can be achieved by opening the program via the task bar and quickly clicking the Disable button. **Recommendations** For McAfee VirusScan Enterprise version 7.1.0, consider restricting access to the On-Access Scan option to prevent local privileged users from disabling it. For McAfee Scan Engine version 4.4.00, avoid using the Disable button in the task bar interface until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Novell Client for Windows versions 4.8 through 4.9 **Description** The issue allows users with physical access to a locked machine to read the current clipboard contents by pasting them into the "User Name" field on the login prompt, due to a lack of restriction on access to the clipboard contents. **Recommendations** For Novell Client for Windows versions 4.8 through 4.9, consider restricting access to the login prompt or clearing the clipboard contents when the machine is locked as a mitigation measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.