CVE-2016-4535

HIGH

McAfee LiveSafe 14.0 - Denial of Service via Crafted Packed Executable

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-4535. PoCs published by Google Security Research.

AI-analyzed exploit summary: This exploit demonstrates a signedness error in McAfee's LiveSafe 14.0, leading to an out-of-bounds access and crash in mscan64a.dll. The vulnerability occurs during the parsing of sections and relocations in packed executables, potentially allowing arbitrary code execution with SYSTEM privileges.

Description

Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Google Security Research · text · dos · windows
https://www.exploit-db.com/exploits/39770

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: McAfee LiveSafe 14.0 and other versions
No auth needed
Prerequisites: Untrusted executable file to be scanned by McAfee LiveSafe
devstral-2 · analyzed Feb 16, 2026

References (3)

Core 3
Core References
Exploit exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39770/

Scores

CVSS v3: 7.5
EPSS: 0.0975
EPSS Percentile: 94.9%
Attack Vector: NETWORK
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE: CWE-20
Status: published
Products (1): mcafee/livesafe 14.0
Published: May 05, 2016
Tracked Since: Feb 18, 2026