McAfee Security Center McSubMgr.DLL ActiveX Control Remote Buffer Overflow Vulnerability

Bugtraq ID:	23888
Class:	Boundary Condition Error
CVE:	CVE-2007-2584
Remote:	Yes
Local:	No
Published:	May 08 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	Peter Vreugdenhil is credited with the discovery of this vulnerability.
Vulnerable:	McAfee VirusScan 10.0.27 McAfee SecurityCenter Agent 6.0 .16 McAfee SecurityCenter 6.0.22 McAfee SecurityCenter 7.0 McAfee SecurityCenter 6.0 McAfee SecurityCenter 4.3
Not Vulnerable:	McAfee SecurityCenter 7.2.147 McAfee SecurityCenter 6.0.0.25

McAfee Security Center McSubMgr.DLL ActiveX Control Remote Buffer Overflow Vulnerability

The 'McSubMgr.DLL' ActiveX control shipped with McAfee Security Center is prone to a buffer-overflow vulnerability. The software fails to perform sufficient boundary checks of user-supplied input before copying it to an insufficiently sized memory buffer.

McAfee Virus Scan 10.0.27 for Windows XP with Service Pack 2 uses this vulnerable ActiveX control. McAfee Subscription Manager versions prior to 6.0.0.25 and prior to 7.2.147 are vulnerable to this issue; other products may be vulnerable as well.

McAfee Security Center McSubMgr.DLL ActiveX Control Remote Buffer Overflow Vulnerability

The following exploit is available:

• /data/vulnerabilities/exploits/23888.c

McAfee Security Center McSubMgr.DLL ActiveX Control Remote Buffer Overflow Vulnerability

Solution:
The vendor has released patches and upgrades to address this issue.

McAfee Security Center McSubMgr.DLL ActiveX Control Remote Buffer Overflow Vulnerability

References:

• McAfee Homepage (McAfee)
  
• McAfee Security Bulletin: McAfee SecurityCenter 7.2.147 or higher fixes vulnerab (McAfee)
  
• McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability (iDefense)
  
• iDefense Security Advisory 05.08.07: McAfee Security Center IsOldAppInstalled Ac (iDefense)