Vulnerability Description
An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Mcafee Virtual Technician | <= 6.5.0.2101 |
| Mcafee | Epo Mcafee Virtual Technician | <= 6.5.0.2101 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2013-03/0143.htmlExploit
- http://osvdb.org/91700
- http://www.securityfocus.com/bid/58750Exploit
- http://www.securitytracker.com/id/1028357
- https://kc.mcafee.com/corporate/index?page=content&id=SB10040
- https://www.htbridge.com/advisory/HTB23128
- http://archives.neohapsis.com/archives/bugtraq/2013-03/0143.htmlExploit
- http://osvdb.org/91700
- http://www.securityfocus.com/bid/58750Exploit
- http://www.securitytracker.com/id/1028357
- https://kc.mcafee.com/corporate/index?page=content&id=SB10040
- https://www.htbridge.com/advisory/HTB23128
FAQ
What is CVE-2012-5879?
CVE-2012-5879 is a vulnerability with a CVSS score of 8.2 (HIGH). An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument t...
How severe is CVE-2012-5879?
CVE-2012-5879 has been rated HIGH with a CVSS base score of 8.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5879?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Mcafee Virtual Technician, Mcafee Epo Mcafee Virtual Technician.