CVE-2012-4586

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:email_and_web_security:5.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_and_web_security:5.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_and_web_security:5.6:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_gateway:7.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:43

Type Values Removed Values Added
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10020 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10020 - Vendor Advisory

Information

Published : 2012-08-22 10:42

Updated : 2024-11-21 01:43


NVD link : CVE-2012-4586

Mitre link : CVE-2012-4586

CVE.ORG link : CVE-2012-4586


JSON object : View

Products Affected

mcafee

  • email_and_web_security
  • email_gateway
CWE
CWE-264

Permissions, Privileges, and Access Controls