PT-2017-6409 · Mcafee+1 · Mcafee Application Control+1

Published

2017-03-14

Updated

2017-03-29

CVE-2014-9920

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions McAfee Application Control (MAC) versions 6.0.0 through 6.1.3 before respective hotfixes

Description The issue allows attackers to create a malformed Windows binary that is considered non-executable and bypass the whitelisting protection feature through specific circumstances.

Recommendations For McAfee Application Control (MAC) version 6.0.0, apply hotfix 9726. For McAfee Application Control (MAC) version 6.0.1, apply hotfix 9068. For McAfee Application Control (MAC) version 6.1.0, apply hotfix 692. For McAfee Application Control (MAC) version 6.1.1, apply hotfix 399. For McAfee Application Control (MAC) version 6.1.2, apply hotfix 426. For McAfee Application Control (MAC) version 6.1.3, apply hotfix 357.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2014-9920

Affected Products

Mcafee Application Control

Windows

PT-2017-6409 · Mcafee+1 · Mcafee Application Control+1

CVE-2014-9920

Weakness Enumeration

Related Identifiers

Affected Products

References · 2