Full Disclosure mailing list archives
Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta)
From: "Stefan Kanthak" <stefan.kanthak () nexgo de>
Date: Mon, 14 Dec 2015 22:19:03 +0100
Hi @ll, several McAfee "security" products, most notably their Security Scan Plus (see <http://seclists.org/fulldisclosure/2014/Apr/226> for a previous advisory) which Adobe pushes to unsuspecting users of Adobe Reader and Flash Player, are offered as executable installers built with the vulnerable Nullsoft Scriptable Install System (NSIS) (see <http://seclists.org/fulldisclosure/2015/Dec/32> for details). These executable installers are vulnerable and allow arbitrary (remote) code execution and escalation of privilege via the well- known attacks already published in the advisory regarding NSIS and the advisory <http://seclists.org/fulldisclosure/2015/Nov/101> titled Mitigations for "carpet bombing" alias "directory poisoning" attacks against executable installers For details specific to Intel's/McAfee's products and their vulnerabilities see Intel's Security Bulletin published today: <https://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS102462> stay tuned Stefan Kanthak _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) Stefan Kanthak (Dec 16)