McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.
References
Link | Resource |
---|---|
https://mcafee.com | Product |
https://www.mcafee.com/support/?articleId=TS103348&page=shell&shell=article-view | Vendor Advisory |
Configurations
History
28 Nov 2022, 15:37
Type | Values Removed | Values Added |
---|---|---|
First Time |
Mcafee total Protection
Mcafee |
|
References | (MISC) https://mcafee.com - Product | |
References | (MISC) https://www.mcafee.com/support/?articleId=TS103348&page=shell&shell=article-view - Vendor Advisory | |
CPE | cpe:2.3:a:mcafee:total_protection:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-427 |
23 Nov 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-23 00:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-43751
Mitre link : CVE-2022-43751
CVE.ORG link : CVE-2022-43751
JSON object : View
Products Affected
mcafee
- total_protection
CWE
CWE-427
Uncontrolled Search Path Element