製品・ソフトウェアに関する情報

JVN脆弱性詳細

Intel Security Anti-Virus Engine におけるローカルセキュリティ保護を回避される脆弱性

Title	Intel Security Anti-Virus Engine におけるローカルセキュリティ保護を回避される脆弱性
Summary	Intel Security Anti-Virus Engine (AVE) には、ローカルセキュリティ保護を回避される脆弱性が存在します。
Possible impacts	ローカルユーザにより、巧妙に細工された入力ファイルを介して、ローカルセキュリティ保護を回避される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Sept. 9, 2016, midnight
Registration Date	April 28, 2017, 11:30 a.m.
Last Update	April 28, 2017, 11:30 a.m.

CVSS3.0 : 重要
Score	7.3
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS2.0 : 警告
Score	4.4
Vector	AV:L/AC:M/Au:N/C:P/I:P/A:P

Affected System

マカフィー

Anti-Malware Scan Engine for AIX 5200 から 5800

Anti-Malware Scan Engine for FreeBSD 5200 から 5800

Anti-Malware Scan Engine for HP-UX 5200 から 5800

Anti-Malware Scan Engine for Linux 5200 から 5800

Anti-Malware Scan Engine for Sun Solaris 5200 から 5800

Anti-Malware Scan Engine for Windows 5200 から 5800

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-8031	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8031
National Vulnerability Database (NVD)
2	CVE-2016-8031	https://nvd.nist.gov/vuln/detail/CVE-2016-8031

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	Name	URL
McAfee Security Bulletin
1	SB10191	https://kc.mcafee.com/corporate/index?page=content&id=SB10191

Change Log

No	Changed Details	Date of change
0	[2017年04月28日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2016-8031

Summary	Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file.
Publication Date	March 29, 2017, 12:59 a.m.
Registration Date	Jan. 26, 2021, 2:18 p.m.
Last Update	Nov. 21, 2024, 11:58 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::aix::

Related information, measures and tools

No	URL	タグ
1	http://www.securityfocus.com/bid/97142	Third Party Advisory VDB Entry
2	http://www.securityfocus.com/bid/97142	Third Party Advisory VDB Entry
3	http://www.securitytracker.com/id/1038159	Third Party Advisory VDB Entry
4	http://www.securitytracker.com/id/1038159	Third Party Advisory VDB Entry
5	https://kc.mcafee.com/corporate/index?page=content&id=SB10191	Patch Vendor Advisory
6	https://kc.mcafee.com/corporate/index?page=content&id=SB10191	Patch Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-264	認可・権限・アクセス制御	https://cwe.mitre.org/data/definitions/264.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::linux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::windows::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::freebsd::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::solaris::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::hp-ux::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5200:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5300:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5400:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5500:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5600:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5700:::::aix::
cpe:2.3:a:mcafee:anti-malware_scan_engine:5800:::::aix::