CVE-2006-3961
Summary
| CVE | CVE-2006-3961 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-08-01 21:04:00 UTC |
| Updated | 2018-10-17 21:32:00 UTC |
| Description | Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mcafee | Antispyware | 2005 | All | All | All |
| Application | Mcafee | Antispyware | 2006 | All | All | All |
| Application | Mcafee | Antispyware | 2005 | All | All | All |
| Application | Mcafee | Antispyware | 2006 | All | All | All |
| Application | Mcafee | Internet Security Suite | 2004 | All | All | All |
| Application | Mcafee | Internet Security Suite | 2005 | All | All | All |
| Application | Mcafee | Internet Security Suite | 2006 | All | All | All |
| Application | Mcafee | Internet Security Suite | 2004 | All | All | All |
| Application | Mcafee | Internet Security Suite | 2005 | All | All | All |
| Application | Mcafee | Internet Security Suite | 2006 | All | All | All |
| Application | Mcafee | Personal Firewall Plus | 2004 | All | All | All |
| Application | Mcafee | Personal Firewall Plus | 2005 | All | All | All |
| Application | Mcafee | Personal Firewall Plus | 2006 | All | All | All |
| Application | Mcafee | Personal Firewall Plus | 2004 | All | All | All |
| Application | Mcafee | Personal Firewall Plus | 2005 | All | All | All |
| Application | Mcafee | Personal Firewall Plus | 2006 | All | All | All |
| Application | Mcafee | Privacy Service | 2004 | All | All | All |
| Application | Mcafee | Privacy Service | 2005 | All | All | All |
| Application | Mcafee | Privacy Service | 2006 | All | All | All |
| Application | Mcafee | Privacy Service | 2004 | All | All | All |
| Application | Mcafee | Privacy Service | 2005 | All | All | All |
| Application | Mcafee | Privacy Service | 2006 | All | All | All |
| Application | Mcafee | Quickclean | 2004 | All | All | All |
| Application | Mcafee | Quickclean | 2005 | All | All | All |
| Application | Mcafee | Quickclean | 2006 | All | All | All |
| Application | Mcafee | Quickclean | 2004 | All | All | All |
| Application | Mcafee | Quickclean | 2005 | All | All | All |
| Application | Mcafee | Quickclean | 2006 | All | All | All |
| Application | Mcafee | Security Center | 4.3 | All | All | All |
| Application | Mcafee | Security Center | 6.0 | All | All | All |
| Application | Mcafee | Security Center | 6.0.22 | All | All | All |
| Application | Mcafee | Security Center | 6.0.23 | All | All | All |
| Application | Mcafee | Security Center | 4.3 | All | All | All |
| Application | Mcafee | Security Center | 6.0 | All | All | All |
| Application | Mcafee | Security Center | 6.0.22 | All | All | All |
| Application | Mcafee | Security Center | 6.0.23 | All | All | All |
| Application | Mcafee | Spamkiller | 5.0 | All | All | All |
| Application | Mcafee | Spamkiller | 6.0 | All | All | All |
| Application | Mcafee | Spamkiller | 7.0 | All | All | All |
| Application | Mcafee | Spamkiller | 5.0 | All | All | All |
| Application | Mcafee | Spamkiller | 6.0 | All | All | All |
| Application | Mcafee | Spamkiller | 7.0 | All | All | All |
| Application | Mcafee | Virusscan | 2004 | All | All | All |
| Application | Mcafee | Virusscan | 2005 | All | All | All |
| Application | Mcafee | Virusscan | 2006 | All | All | All |
| Application | Mcafee | Virusscan | 2004 | All | All | All |
| Application | Mcafee | Virusscan | 2005 | All | All | All |
| Application | Mcafee | Virusscan | 2006 | All | All | All |
| Application | Mcafee | Wireless Home Network Security | 2006 | All | All | All |
| Application | Mcafee | Wireless Home Network Security | 2006 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| BeyondTrust | Privileged Access Management, Cyber Security, and Remote Access (formerly Bomgar) | BeyondTrust | MISC | www.eeye.com | |
| Removing incompatible third party applications | CONFIRM | ts.mcafeehelp.com | |
| BeyondTrust | Privileged Access Management, Cyber Security, and Remote Access (formerly Bomgar) | BeyondTrust | MISC | www.eeye.com | |
| McAfee SecurityCenter Subscription Manager Buffer Overflow - Advisories - Secunia | SECUNIA | secunia.com | Patch, Vendor Advisory |
| 27698 | OSVDB | www.osvdb.org | |
| McAfee SecurityCenter Subscription Manager ActiveX Buffer Overflow Vulnerability | BID | www.securityfocus.com | Patch |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| US-CERT Vulnerability Note VU#481212 | CERT-VN | www.kb.cert.org | US Government Resource |
| SecurityTracker.com Archives - McAfee SecurityCenter Buffer Overflow Lets Remote Users Execute Arbitrary Commands | SECTRACK | securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.