Back to search
CVE-2017-3897
Published: Sep 1, 2017
Modified: Sep 17, 2024
PUBLISHED
Description
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response.
| Vendor | Product | Versions |
|---|---|---|
McAfee | Live Safe | affected 16.0.3 |
McAfee | Security Scan Plus | affected 3.11.599.3 |
References
100100
vdb-entry
x_refsource_BID
http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS102723
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now