Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-3961

EPSS 71.49% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3961

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
McAfee产品A查验管理器栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
McAee产品查验管理器(McAfee Subscription Manager)是随McAfee很多产品一起发布的用于管理产品许可权限组件,它是一个ActiveX控件,厂商可以通过它检查产品的使用合法性。 McAfee产品查验管理器实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 产品查验管理器的实现模块McSubMgr.dll没有检查传入的参数长度,远程攻击者可以诱使用户访问恶意网站,在网页脚本中向McSubMgr.dll传送超过3000字节长的数据导致发生栈溢出,从而执行
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-3961

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-3961

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-08-01 · 24 CVEs total

CVE-2006-3949Artlinks MosConfig_Absolute_Path 'artlinks.dispnew.php'远程文件包含漏洞
CVE-2006-3960X-Scripts X-Poll 'Top.PHP' SQL注入漏洞
CVE-2006-3959X-Scripts X-Protection 'Protect.PHP' SQL注入漏洞
CVE-2006-3958Taskjitsu 多个不明跨站脚本攻击(XSS)漏洞
CVE-2006-3957Bosdates 'Payment.PHP'远程文件包含漏洞
CVE-2006-3956Advanced Webhost Billing System 'contact.php'跨站脚本执行漏洞
CVE-2006-3955MiniBB 'news.php'远程文件包含漏洞
CVE-2006-3954MyBulletinBoard 'UserCP.PHP'目录遍历漏洞
CVE-2006-3953MyBulletinBoard 'UserCP.PHP'跨站脚本攻击漏洞
CVE-2006-3952Easy File Sharing FTP Server超长PASS命令参数远程缓冲区溢出漏洞
CVE-2006-3951Moodle 'moodle.php'远程文件包含漏洞
CVE-2006-3950X-Scripts X-Statistics 'X-Statistics.PHP' SQL注入漏洞
CVE-2006-3962Com_Bayesiannaivefilter Mambo组件 'lang.php'远程文件包含漏洞
CVE-2006-3948PHPNuke INP 'Modules.PHP'跨站脚本攻击漏洞
CVE-2006-3947Mambatstaff 'mambatstaff.php' MosConfig_Absolute_Path远程文件包含漏洞
CVE-2006-3970Joomla软件的LMO组件 'lmo.php' PHP远程文件包含漏洞
CVE-2006-3969Colophon Component 'Admin.Colophon.PHP'远程文件包含漏洞
CVE-2006-3968Sun Fire T2000错误DSA签名验证漏洞
CVE-2006-3967Moskool Component 'Admin.Moskool.PHP'远程文件包含漏洞
CVE-2006-3966MyNewsGroups 'layersmenu.inc.php'远程文件包含漏洞

Showing top 20 of 24 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-3961

No comments yet

Leave a comment