Vulnerabilities (CVE)

Filtered by vendor Mcafee Subscribe
Filtered by product Saas Endpoint Protection
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-5101 1 Mcafee 1 Saas Endpoint Protection 2024-11-21 5.0 MEDIUM N/A
The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 allows remote attackers to relay e-mail messages via unspecified vectors, as demonstrated by relaying spam.
CVE-2011-3007 1 Mcafee 1 Saas Endpoint Protection 2024-11-21 6.8 MEDIUM N/A
The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing arbitrary code using the MyCioScan.Scan.Start method.
CVE-2011-3006 1 Mcafee 1 Saas Endpoint Protection 2024-11-21 6.8 MEDIUM N/A
The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the MyASUtil.InstallInfo.RunUserProgram function, and possibly conduct other unspecified attacks.