CVE-2019-3646

DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:total_protection:*:*:*:*:free_trial:*:*:*

History

21 Nov 2024, 04:42

Type Values Removed Values Added
References () http://service.mcafee.com/FAQDocument.aspx?&id=TS102968 - () http://service.mcafee.com/FAQDocument.aspx?&id=TS102968 -
CVSS v2 : 6.0
v3 : 6.5
v2 : 6.0
v3 : 6.9

07 Nov 2023, 03:10

Type Values Removed Values Added
References (CONFIRM) http://service.mcafee.com/FAQDocument.aspx?&id=TS102968 - Patch, Vendor Advisory () http://service.mcafee.com/FAQDocument.aspx?&id=TS102968 -

Information

Published : 2019-09-13 13:15

Updated : 2024-11-21 04:42


NVD link : CVE-2019-3646

Mitre link : CVE-2019-3646

CVE.ORG link : CVE-2019-3646


JSON object : View

Products Affected

mcafee

  • total_protection
CWE
CWE-714

OWASP Top Ten 2007 Category A3 - Malicious File Execution

CWE-426

Untrusted Search Path