CVE-2016-8005

medium

Published 2017-03-14 · Modified 2026-05-13

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2

4.0

VIR risk

6.5

Description

File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@intel.com — https://kc.mcafee.com/corporate/index?page=content&id=SB10161

Application impact

Vendor	Product	Versions	Fixed
mcafee	email_gateway	`{"endIncluding":"7.6.401"}`

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10161
https://kc.mcafee.com/corporate/index?page=content&id=SB10161

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.