CVE-2007-1227

VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:virex:*:-:mac:*:*:*:*:*
cpe:2.3:a:mcafee:virex:6.2:-:mac:*:*:*:*:*

History

No history.

Information

Published : 2007-03-02 22:19

Updated : 2024-02-28 11:01


NVD link : CVE-2007-1227

Mitre link : CVE-2007-1227

CVE.ORG link : CVE-2007-1227


JSON object : View

Products Affected

mcafee

  • virex
CWE
CWE-264

Permissions, Privileges, and Access Controls