CVE-2015-8992
HIGHMcAfee Security WebAdvisor < 4.0.2 - Malicious File Execution during Installation/Uninstallation
Title source: llmDescription
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462
Scores
CVSS v3
7.0
EPSS
0.0005
EPSS Percentile
15.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (6)
Intel/WebAdvisor
before 4.0.2, 4.0.1 and 3.7.2
mcafee/cloud_av
mcafee/security_scan_plus
mcafee/security_webadvisor
3.7.2
mcafee/security_webadvisor
4.0.1
mcafee/security_webadvisor
4.0.2
Published
Mar 14, 2017
Tracked Since
Feb 18, 2026