Description
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514356
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10012
Exploit x_refsource_misc
http://www.n00bz.net/antivirus-cve
Scores
EPSS
0.0147
EPSS Percentile
81.2%
Details
CWE
CWE-264
Status
published
Products (2)
mcafee/virusscan_enterprise
8.5i
mcafee/virusscan_enterprise
8.7i
Published
Aug 22, 2012
Tracked Since
Feb 18, 2026