CVE-2010-3496

Name of the Vulnerable Software and Affected Versions McAfee VirusScan Enterprise versions 8.5i through 8.7i

Description The issue arises from improper interaction with the Microsoft Help and Support Center's processing of hcp:// URLs. This makes it easier for remote attackers to execute arbitrary code via malware. The product correctly detects the malware but does so too late to prevent code execution.

Recommendations For McAfee VirusScan Enterprise versions 8.5i through 8.7i, consider restricting access to the Microsoft Help and Support Center or temporarily disabling the handling of hcp:// URLs until a proper fix is available.