PT-2016-4901 · Mcafee · Mcafee Application Control

Publicado

2016-01-08

Atualizado

2016-01-21

CVE-2016-1715

CVSS v3.1

6.6

Média

Vetor

AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions McAfee Application Control versions 6.1.0 through 6.1.0 build 706 McAfee Application Control versions 6.1.1 through 6.1.1 build 404 McAfee Application Control versions 6.1.2 through 6.1.2 build 449 McAfee Application Control versions 6.1.3 through 6.1.3 build 441 McAfee Application Control versions 6.2.0 through 6.2.0 build 505

Description The issue allows local users to cause a denial of service or gain privileges via a specific syscall, which triggers a zero to be written to an arbitrary kernel memory location, resulting in memory corruption and system crash.

Recommendations For McAfee Application Control version 6.1.0, update to build 706 or later. For McAfee Application Control version 6.1.1, update to build 404 or later. For McAfee Application Control version 6.1.2, update to build 449 or later. For McAfee Application Control version 6.1.3, update to build 441 or later. For McAfee Application Control version 6.2.0, update to build 505 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

CVE-2016-1715

ZDI-16-007

Produtos afetados

Mcafee Application Control

PT-2016-4901 · Mcafee · Mcafee Application Control

CVE-2016-1715

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5