McAfee Subscription Manager ActiveX buffer overflow

Added: 08/25/2006
CVE: CVE-2006-3961
BID: 19265
OSVDB: 27698


McAfee Antivirus products access the McAfee Security Center product, which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager ActiveX control implemented by the mcsubmgr.dll file.


A buffer overflow in the McAfee Subscription Manager ActiveX control, mcsubmgr.dll, allows command execution when a specially crafted page is loaded into a web browser.


Upgrade the McAfee product or select Updates from the McAfee system tray icon.



The exploit works on McAfee VirusScan 9.0.10. A user must load the exploit page into Internet Explorer for the exploit to succeed. There may be a delay before the exploit succeeds because of the amount of memory that must be allocated on the target.


Windows 2000 / Windows XP
