Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-3007
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The myCIOScn ActiveX control (myCIOScn.dll) in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to write to arbitrary files by specifying an arbitrary filename in the MyCioScan.Scan.ReportFile parameter, as demonstrated by injecting script into a log file and executing arbitrary code using the MyCioScan.Scan.Start method.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
McAfee SaaS Endpoint Protection myCIOScn ActiveX控件远程代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
McAfee SaaS Endpoint Protection Suite之前名为Total Protection Service,可有效防护病毒、间谍软件、Web威胁和黑客攻击。 McAfee SaaS Endpoint Protection 5.2.1版本和之前版本的myCIOScn ActiveX控件(myCIOScn.dll)中存在漏洞。通过ActiveX公开的MyCioScan.Scan.ReportFile参数可设置为包含敏感系统文件和目录的任意文件名。远程攻击者可通过指定MyCioScan.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2011-3007
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2011-3007
Please Login to view more intelligence information
New Vulnerabilities
Product: n/a
Vendor: n/a
V. Comments for CVE-2011-3007

No comments yet

Leave a comment