HTTP: McAfee Security Center MCINSCTL.DLL ActiveX
This signature detects attempts to use unsafe ActiveX controls in McAfee Security Center. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
McAfee VirusScan Security Center is prone to an arbitrary file overwrite vulnerability. Attackers are able to create and modify arbitrary files. Successful exploitation can lead to various attacks including potential arbitrary code execution and remote unauthorized access.
Affected Products
Mcafee virusscan
Short Name
HTTP:STC:ACTIVEX:MCFEE-MCINSCTL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2005-3657 Center MCINSCTL.DLL McAfee Security bid:15986
Release Date
06/30/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Mcafee
CVSS Score
5.0