VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2007-03-02 22:19
Updated : 2024-02-28 11:01
NVD link : CVE-2007-1227
Mitre link : CVE-2007-1227
CVE.ORG link : CVE-2007-1227
JSON object : View
Products Affected
mcafee
- virex
CWE
CWE-264
Permissions, Privileges, and Access Controls