McAfee Viruscan GetUserRegisteredForBackend McSubMgr.DLL ActiveX Buffer Overflow Vulnerability

Bugtraq ID:	23909
Class:	Boundary Condition Error
CVE:	CVE-2007-2584
Remote:	Yes
Local:	No
Published:	May 09 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	callAX is credited with the discovery of this vulnerability.
Vulnerable:	McAfee VirusScan 10.0.21 McAfee SecurityCenter 6.0.22 McAfee SecurityCenter 7.0 McAfee SecurityCenter 6.0 McAfee SecurityCenter 4.3
Not Vulnerable:	McAfee SecurityCenter 7.2.147 McAfee SecurityCenter 6.0.0.25

McAfee Viruscan GetUserRegisteredForBackend McSubMgr.DLL ActiveX Buffer Overflow Vulnerability

McAfee Viruscan McSubMgr.DLL ActiveX control is prone to a buffer-overflow vulnerability because the software fails to perform sufficient boundary checks on user-supplied input before copying it to an insufficiently sized memory buffer.

McAfee Virus Scan 10.0.21 uses this vulnerable ActiveX control; other versions may also be affected.

McAfee Viruscan GetUserRegisteredForBackend McSubMgr.DLL ActiveX Buffer Overflow Vulnerability

The following proof of concept is available:

• /data/vulnerabilities/exploits/Mc_Afee_Viruscan_ActiveX_exp.txt

McAfee Viruscan GetUserRegisteredForBackend McSubMgr.DLL ActiveX Buffer Overflow Vulnerability

Solution:
The vendor has released patches and upgrades to address this issue.

McAfee Viruscan GetUserRegisteredForBackend McSubMgr.DLL ActiveX Buffer Overflow Vulnerability

References:

• McAfee Homepage (McAfee)
  
• McAfee Security Bulletin: McAfee SecurityCenter 7.2.147 or higher fixes vulnerab (McAfee)
  
• McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability (iDefense)