Back to search
CVE-2007-1227
Published: Mar 2, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
22744
vdb-entry
x_refsource_BID
20070227 [NETRAGARD-20070220 SECURITY ADVISORY] [McAfee VirusScan for Mac (Virex) Local root exploit and Scan Bypass]
mailing-list
x_refsource_BUGTRAQ
33797
vdb-entry
x_refsource_OSVDB
1017707
vdb-entry
x_refsource_SECTRACK
ADV-2007-0777
vdb-entry
x_refsource_VUPEN
24337
third-party-advisory
x_refsource_SECUNIA
2342
third-party-advisory
x_refsource_SREASON
mcafee-virex-library-privilege-escalation(32729)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now