Vulnerability Description
McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Virusscan | 4.5.1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-12/0007.html
- http://www.securityfocus.com/bid/6288
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10741
- http://archives.neohapsis.com/archives/bugtraq/2002-12/0007.html
- http://www.securityfocus.com/bid/6288
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10741
FAQ
What is CVE-2002-2282?
CVE-2002-2282 is a vulnerability with a CVSS score of 6.9 (MEDIUM). McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run a...
How severe is CVE-2002-2282?
CVE-2002-2282 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2282?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Virusscan.