PT-2004-3525 · Microsoft+1 · Windows+2

Published

2004-12-31

Updated

2017-07-20

CVE-2004-2635

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions McAfee Security Installer Control System version 4.0.0.81

Description The issue allows remote attackers to access the Windows registry via web pages that utilize the ActiveX control's RegQueryValue() method.

Recommendations For McAfee Security Installer Control System version 4.0.0.81, consider disabling the ActiveX control or restricting access to the RegQueryValue() method until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2635

Affected Products

Activex

Mcafee Security Installer Control System

Windows

PT-2004-3525 · Microsoft+1 · Windows+2

CVE-2004-2635

Related Identifiers

Affected Products

References · 7