Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
McAfee Total Protection (MTP) - File Deletion vulnerability
Vulnerability Description
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
McAfee Total Protection 安全漏洞
Vulnerability Description
McAfee Total Protection(MTP)是美国迈克菲(McAfee)公司的一套防病毒软件。 McAfee Total Protection for Windows 16.0.43 之前存在安全漏洞,该漏洞允许本地用户获得权限提升并执行任意文件删除。这可能会导致敏感文件被删除,并可能导致拒绝服务。这种攻击利用了符号链接的创建方式以及产品如何使用它们。
CVSS Information
N/A
Vulnerability Type
N/A