Security News

McAfee VirusScan Enterprise security restrictions bypass

Full Disclosure - 4 March, 2016 - 13:50

Posted by Agazzini Maurizio on Mar 04

Security Advisory @ Mediaservice.net Srl
(#01, 13/04/2016) Data Security Division

Title: McAfee VirusScan Enterprise security restrictions bypass
Application: McAfee VirusScan Enterprise 8.8 and prior versions
Platform: Microsoft Windows
Description: A local Windows administrator is able to bypass the
security restrictions and disable the antivirus engine...

Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege

Full Disclosure - 4 March, 2016 - 13:49

Posted by Stefan Kanthak on Mar 04

Hi,

putty-0.66-installer.exe loads and executes DWMAPI.dll or
UXTheme.dll from its "application directory".

For software downloaded with a web browser the application
directory is typically the user's "Downloads" directory: see
<https://insights.sei.cmu.edu/cert/2008/09/carpet-bombing-and-directory-poisoning.html>,
<http://blog.acrossecurity.com/2012/02/downloads-folder-binary-planting.html>
and <...
Syndicate content