PT-2007-2648 · McAfee · McAfee VirusScan for Mac

Kevin Finisterre · Published 2007-03-02 · Updated 2018-10-16 · CVE-2007-1227

CVSS v2.0: 6.6 (Medium)

Vector: AV:L/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

McAfee VirusScan for Mac (Virex) versions prior to 7.7 patch 1

Description

The issue allows local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt. This can be exploited to execute arbitrary commands, for example, by symlinking to the root crontab file.

Recommendations

For versions prior to 7.7 patch 1, update to version 7.7 patch 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the VShieldExclude.txt file to prevent symlink attacks until a patch is applied.
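
A host check for the condition in the description and for the workaround above, added here as an example and not taken from McAfee or from this advisory. The function name and status words are hypothetical, and treating a group- or other-writable parent directory as the way a local user could plant the link is an assumption.

```shell
#!/bin/sh
# Added example (not vendor code): audit the exclusion file named in the advisory.
# Prints one word: MISSING, SYMLINK, NOT_REGULAR, DIR_WRITABLE, FILE_WRITABLE or OK.

audit_exclude_file() {
    path=$1
    dir=$(dirname "$path")

    # Test for a link first: -e and -f follow symbolic links, -L does not.
    if [ -L "$path" ]; then echo SYMLINK; return 0; fi
    if [ ! -e "$path" ]; then echo MISSING; return 0; fi
    if [ ! -f "$path" ]; then echo NOT_REGULAR; return 0; fi

    # Mode strings look like "drwxr-xr-x": column 6 is group write,
    # column 9 is other write.
    dmode=$(ls -ld -- "$dir" | cut -c1-10)
    case $dmode in
        ?????w*|????????w*) echo DIR_WRITABLE; return 0 ;;
    esac

    fmode=$(ls -ld -- "$path" | cut -c1-10)
    case $fmode in
        ?????w*|????????w*) echo FILE_WRITABLE; return 0 ;;
    esac

    echo OK
}

# Path taken from the advisory; pass another path as $1 to override.
audit_exclude_file "${1:-/Library/Application Support/Virex/VShieldExclude.txt}"
```

Any result other than OK or MISSING on a host running a version prior to 7.7 patch 1 is worth investigating before the update is applied.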


Related Identifiers

CVE-2007-1227

Affected Products

McAfee VirusScan for Mac