|
291301
|
- |
|
mcafee
|
mcafee_virtual_technician
epo_mcafee_virtual_technician
|
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via…
|
NVD-CWE-noinfo
|
CVE-2012-4598
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291302
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4597
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291303
|
- |
|
mcafee
|
email_gateway
|
Directory traversal vulnerability in McAfee Email Gateway (MEG) 7.0.0 and 7.0.1 allows remote authenticated users to bypass intended access restrictions and download arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2012-4596
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291304
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.5 through Patch 6 and 5.6 through Patch 3, and McAfee Email Gateway (MEG) 7.0.0 and 7.0.1, allows remote attackers to bypass authentication and obtain an admin s…
|
CWE-287
Improper Authentication
|
CVE-2012-4595
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291305
|
- |
|
mcafee
|
epolicy_orchestrator
|
McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4594
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291306
|
- |
|
mcafee
|
application_control
change_control
|
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4593
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291307
|
- |
|
mcafee
|
enterprise_mobility_manager
|
The Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not set the secure flag for the ASP.NET session cookie in an https session, which makes it easier for remote attackers to captu…
|
NVD-CWE-Other
|
CVE-2012-4592
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291308
|
- |
|
mcafee
|
enterprise_mobility_manager
|
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 discloses the name of the user account for an IIS worker process, which allows remote attackers to obtain potentially …
|
CWE-200
Information Exposure
|
CVE-2012-4591
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291309
|
- |
|
mcafee
|
enterprise_mobility_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 might allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4590
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291310
|
- |
|
mcafee
|
enterprise_mobility_manager
|
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to…
|
NVD-CWE-Other
|
CVE-2012-4589
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
