{"api_version":"1","generated_at":"2026-04-23T04:09:29+00:00","cve":"CVE-2007-2584","urls":{"html":"https://cve.report/CVE-2007-2584","api":"https://cve.report/api/cve/CVE-2007-2584.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-2584","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-2584"},"summary":{"title":"CVE-2007-2584","description":"Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-05-10 00:19:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.vupen.com/english/advisories/2007/1717","name":"http://www.vupen.com/english/advisories/2007/1717","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://ts.mcafeehelp.com/faq3.asp?docid=419189","name":"http://ts.mcafeehelp.com/faq3.asp?docid=419189","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Removing incompatible third party applications","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018028","name":"http://www.securitytracker.com/id?1018028","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"McAfee SecurityCenter Buffer Overflow in the McSubMgr ActiveX Control Lets Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25173","name":"http://secunia.com/advisories/25173","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"McAfee SecurityCenter Subscription Manager ActiveX Control Buffer Overflow - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/23888","name":"http://www.securityfocus.com/bid/23888","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"McAfee Security Center McSubMgr.DLL ActiveX Control Remote Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528","name":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/23909","name":"http://www.securityfocus.com/bid/23909","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"McAfee Viruscan GetUserRegisteredForBackend McSubMgr.DLL ActiveX Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34179","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34179","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/35874","name":"http://osvdb.org/35874","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-2584","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2584","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"securitycenter_agent","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"security_center","cpe6":"4.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"security_center","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"security_center","cpe6":"6.0.22","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"security_center","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"security_center","cpe6":"7.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"security_center","cpe6":"7.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"virusscan","cpe6":"10.0.27","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"virusscan","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"2584","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"virusscan","cpe6":"2005","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T13:42:33.407Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1018028","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1018028"},{"name":"23888","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/23888"},{"name":"20070508 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE","x_transferred"],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"},{"name":"35874","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/35874"},{"name":"25173","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/25173"},{"name":"ADV-2007-1717","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/1717"},{"name":"mcafee-mcsubmgr-activex-bo(34179)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"},{"name":"23909","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/23909"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://ts.mcafeehelp.com/faq3.asp?docid=419189"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-05-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1018028","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1018028"},{"name":"23888","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/23888"},{"name":"20070508 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability","tags":["third-party-advisory","x_refsource_IDEFENSE"],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"},{"name":"35874","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/35874"},{"name":"25173","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/25173"},{"name":"ADV-2007-1717","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/1717"},{"name":"mcafee-mcsubmgr-activex-bo(34179)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"},{"name":"23909","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/23909"},{"tags":["x_refsource_CONFIRM"],"url":"http://ts.mcafeehelp.com/faq3.asp?docid=419189"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-2584","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1018028","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018028"},{"name":"23888","refsource":"BID","url":"http://www.securityfocus.com/bid/23888"},{"name":"20070508 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability","refsource":"IDEFENSE","url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528"},{"name":"35874","refsource":"OSVDB","url":"http://osvdb.org/35874"},{"name":"25173","refsource":"SECUNIA","url":"http://secunia.com/advisories/25173"},{"name":"ADV-2007-1717","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1717"},{"name":"mcafee-mcsubmgr-activex-bo(34179)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34179"},{"name":"23909","refsource":"BID","url":"http://www.securityfocus.com/bid/23909"},{"name":"http://ts.mcafeehelp.com/faq3.asp?docid=419189","refsource":"CONFIRM","url":"http://ts.mcafeehelp.com/faq3.asp?docid=419189"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-2584","datePublished":"2007-05-09T22:00:00.000Z","dateReserved":"2007-05-09T00:00:00.000Z","dateUpdated":"2024-08-07T13:42:33.407Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-05-10 00:19:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*","matchCriteriaId":"DD547C9C-9D50-49ED-8EFE-1DD7484DDED5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*","matchCriteriaId":"210F5447-4FC7-4278-9F2A-C64BBB5A86DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*","matchCriteriaId":"BECBD40D-ACBD-4E88-B230-ECFE98FD9F5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:security_center:7.0:*:*:*:*:*:*:*","matchCriteriaId":"8E42B079-DC23-43AC-9437-62B97C88EF3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:security_center:7.1:*:*:*:*:*:*:*","matchCriteriaId":"449EAAD6-C4B6-4EC9-9059-1D447C1D60F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:security_center:7.2:*:*:*:*:*:*:*","matchCriteriaId":"D27864F9-A378-4690-9C17-C3B6A55135F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:securitycenter_agent:6.0:*:*:*:*:*:*:*","matchCriteriaId":"FC64577D-EFD8-4D30-B95A-D26075CFD063"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:virusscan:10.0.27:*:*:*:*:*:*:*","matchCriteriaId":"8CC6DF56-10C0-4682-B466-EBBC3640DCE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*","matchCriteriaId":"4D9B7B07-E3EF-4185-927C-CE308829B9A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*","matchCriteriaId":"F58D6A2F-AC08-4C1D-9ABF-4D675A1E87AC"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"2584","Ordinal":"1","Title":"CVE-2007-2584","CVE":"CVE-2007-2584","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"2584","Ordinal":"1","NoteData":"Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.","Type":"Description","Title":"CVE-2007-2584"},{"CveYear":"2007","CveId":"2584","Ordinal":"2","NoteData":"2007-05-09","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"2584","Ordinal":"3","NoteData":"2017-07-28","Type":"Other","Title":"Modified"}]}}}