CVE-2015-8577
low
CVSS v3
—
CVSS v2
2.6
VIR risk
2.6
Description
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://kc.mcafee.com/corporate/index?page=content&id=SB10142
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mcafee | virusscan_enterprise | {"endIncluding":"8.8.0"} | |
References
- http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations
- http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/
- http://www.securityfocus.com/bid/78810
- https://kc.mcafee.com/corporate/index?page=content&id=SB10142
- http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations
- http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/
- http://www.securityfocus.com/bid/78810
- https://kc.mcafee.com/corporate/index?page=content&id=SB10142
CWEs
CWE-264
Verify integrity in audit chain (admin only). AS-IS.