CVE-2006-3961

Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:antispyware:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:antispyware:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:personal_firewall_plus:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:personal_firewall_plus:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:personal_firewall_plus:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:privacy_service:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:privacy_service:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:privacy_service:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:quickclean:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:quickclean:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:quickclean:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:security_center:6.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:spamkiller:5.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:spamkiller:6.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:spamkiller:7.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:wireless_home_network_security:2006:*:*:*:*:*:*:*

History

21 Nov 2024, 00:14

Type Values Removed Values Added
References () http://secunia.com/advisories/21264 - Patch, Vendor Advisory () http://secunia.com/advisories/21264 - Patch, Vendor Advisory
References () http://securitytracker.com/id?1016614 - () http://securitytracker.com/id?1016614 -
References () http://ts.mcafeehelp.com/faq3.asp?docid=407052 - () http://ts.mcafeehelp.com/faq3.asp?docid=407052 -
References () http://www.eeye.com/html/research/advisories/AD2006807.html - () http://www.eeye.com/html/research/advisories/AD2006807.html -
References () http://www.eeye.com/html/research/upcoming/20060719.html - () http://www.eeye.com/html/research/upcoming/20060719.html -
References () http://www.kb.cert.org/vuls/id/481212 - US Government Resource () http://www.kb.cert.org/vuls/id/481212 - US Government Resource
References () http://www.osvdb.org/27698 - () http://www.osvdb.org/27698 -
References () http://www.securityfocus.com/archive/1/442495/100/100/threaded - () http://www.securityfocus.com/archive/1/442495/100/100/threaded -
References () http://www.securityfocus.com/bid/19265 - Patch () http://www.securityfocus.com/bid/19265 - Patch
References () http://www.vupen.com/english/advisories/2006/3096 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/3096 - Vendor Advisory

Information

Published : 2006-08-01 21:04

Updated : 2024-11-21 00:14


NVD link : CVE-2006-3961

Mitre link : CVE-2006-3961

CVE.ORG link : CVE-2006-3961


JSON object : View

Products Affected

mcafee

  • antispyware
  • spamkiller
  • virusscan
  • security_center
  • wireless_home_network_security
  • internet_security_suite
  • personal_firewall_plus
  • quickclean
  • privacy_service
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer