ActiveX module from McAfee vulnerable
Security service organization iDefense has announced a vulnerability in an ActiveX update search module for the McAfee antivirus end-user product range. Under certain circumstances, attackers can exploit the vulnerability using crafted websites to execute arbitrary program code. Updates from McAfee close the security hole.
The bug is located in MCSUBMGR.DLL, a Security Center file that belongs to the McAfee Subscription Manager module. The manufacturer tagged the control during installation as "Safe for scripting", which allows websites to load the module in Internet Explorer. By calling the IsOldAppInstalled() method, attackers can trigger a buffer overflow.
The vulnerability affects the Subscription Manager module in Security Center versions prior to 220.127.116.11 and 7.2.147. Users who have not activated automatic updates should launch a manual update to have bug-free components installed.
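The following read-only PowerShell audit is an added example, not code from McAfee, iDefense or the original article. It lists COM classes served by MCSUBMGR.DLL and reports whether each carries the "Safe for scripting" category and whether an Internet Explorer kill bit is set. It assumes the control registers an in-process server under HKLM and is run from 64-bit PowerShell; the function name `Get-ScriptableControl` is hypothetical.

```powershell
# Added example: read-only registry audit, makes no changes to the system.
$CatSafeScripting = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'  # CATID_SafeForScripting
$KillBit          = 0x400   # kill bit inside the "Compatibility Flags" DWORD

# Each view pairs a CLSID root with its IE "ActiveX Compatibility" key
# (native 64-bit view first, then the 32-bit WOW6432Node view).
$Views = @(
    @{ Clsid  = 'SOFTWARE\Classes\CLSID'
       Compat = 'SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'SOFTWARE\WOW6432Node\Classes\CLSID'
       Compat = 'SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

function Get-ScriptableControl {
    param([string]$ServerPattern = 'MCSUBMGR\.DLL')   # file named in the article
    $hklm = [Microsoft.Win32.Registry]::LocalMachine
    foreach ($view in $Views) {
        $root = $hklm.OpenSubKey($view.Clsid)
        if (-not $root) { continue }                  # view absent on this system
        foreach ($clsid in $root.GetSubKeyNames()) {
            try {
                $srvKey = $root.OpenSubKey("$clsid\InprocServer32")
                if (-not $srvKey) { continue }
                $server = [string]$srvKey.GetValue('')   # default value = DLL path
                if ($server -notmatch $ServerPattern) { continue }

                # Registry-based safety marking. A control can also assert safety
                # at run time via IObjectSafety, which this check cannot see.
                $cat    = $root.OpenSubKey("$clsid\Implemented Categories\$CatSafeScripting")
                $compat = $hklm.OpenSubKey("$($view.Compat)\$clsid")
                $flags  = if ($compat) { [int]$compat.GetValue('Compatibility Flags', 0) } else { 0 }

                [pscustomobject]@{
                    Clsid            = $clsid
                    Server           = $server
                    SafeForScripting = [bool]$cat
                    KillBitSet       = [bool]($flags -band $KillBit)
                }
            } catch [System.Security.SecurityException] { continue }  # unreadable key
        }
    }
}

Get-ScriptableControl | Format-Table -AutoSize
```

A row with `SafeForScripting` true and `KillBitSet` false means websites can still instantiate that control in Internet Explorer, so the installed Security Center version should be checked against the fixed releases named above.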
- McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability, security report from iDefense