Vulnerability Description
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Anti-Virus Plus | - |
| Mcafee | Endpoint Security | 10.2 |
| Mcafee | Host Intrusion Prevention | <= 8.0 |
| Mcafee | Internet Security | - |
| Mcafee | Total Protection | - |
| Mcafee | Virus Scan Enterprise | <= 8.8 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97958
- https://kc.mcafee.com/corporate/index?page=content&id=SB10193
- http://www.securityfocus.com/bid/97958
- https://kc.mcafee.com/corporate/index?page=content&id=SB10193
FAQ
What is CVE-2017-4028?
CVE-2017-4028 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee pro...
How severe is CVE-2017-4028?
CVE-2017-4028 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-4028?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Anti-Virus Plus, Mcafee Endpoint Security, Mcafee Host Intrusion Prevention, Mcafee Internet Security, Mcafee Total Protection.