Arbitrary File Modification Vulnerability in McAfee Virtual Technician (MVT) and ePO-MVT

Arbitrary File Modification Vulnerability in McAfee Virtual Technician (MVT) and ePO-MVT

CVE-2012-5879 · HIGH Severity

AV:N/AC:M/AU:S/C:C/I:C/A:P

An ActiveX control in McHealthCheck.dll in McAfee Virtual Technician (MVT) and ePO-MVT 6.5.0.2101 and earlier allows remote attackers to modify or create arbitrary files via a full pathname argument to the Save method.

Learn more about our Web Application Penetration Testing UK.