McAfee Subscription Manager ActiveX buffer overflow

Added: 08/25/2006
CVE: CVE-2006-3961
BID: 19265
OSVDB: 27698

Background

McAfee Antivirus products access the McAfee Security Center product, which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager ActiveX control implemented by the mcsubmgr.dll file.

Problem

A buffer overflow in the McAfee Subscription Manager ActiveX control, mcsubmgr.dll, allows command execution when a specially crafted page is loaded into a web browser.

Resolution

Upgrade the McAfee product or select Updates from the McAfee system tray icon.

References

http://www.kb.cert.org/vuls/id/481212
http://www.securityfocus.com/archive/1/442495

Limitations

Exploit works on McAfee VirusScan 9.0.10. A user must load the exploit page into Internet Explorer in order for the exploit to succeed. There may be a delay before the exploit succeeds due to the amount of memory which must be allocated on the target.

Platforms

Windows 2000 / Windows XP
