Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4586

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-4586
Last Modified 22 Aug 2012 01:55:25
Published 22 Aug 2012 06:42:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-4586

Summary

McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file.

Vulnerable Systems

Application

  • Mcafee Email And Web Security 5.0

  • Mcafee Email And Web Security 5.5

  • Mcafee Email And Web Security 5.6

  • Mcafee Email Gateway 7.0


References

CONFIRM - https://kc.mcafee.com/corporate/index?page=content&id=SB10020


Last Updated: 27 May 2016 11:00:17