Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-3006

EPSS 0.99% · P77
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-3006

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the MyASUtil.InstallInfo.RunUserProgram function, and possibly conduct other unspecified attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
McAfee SaaS Endpoint Protection MyAsUtil5.2.0.603.dll MyASUtil.InstallInfo实例化设计远程代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
McAfee SaaS Endpoint Protection Suite之前名为Total Protection Service,可有效防护病毒、间谍软件、Web威胁和黑客攻击。 McAfee SaaS Endpoint Protection 5.2.1版本和之前版本的MyAsUtil5.2.0.603.dll中的MyAsUtil ActiveX控件中存在漏洞。远程攻击者可使用跨站脚本攻击绕过MyASUtil.SecureObjectFactory.CreateSecureObject域执行策略,以创建
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2011-3006

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2011-3006

登录查看更多情报信息。

Same Patch Batch · n/a · 2011-08-10 · 47 CVEs total

CVE-2011-2137Adobe Flash Player缓冲区溢出漏洞
CVE-2011-3127WordPress点击劫持攻击漏洞
CVE-2011-3129WordPress文件上传功能权限许可和访问控制漏洞
CVE-2011-2511Red Hat libvirt 数字错误漏洞
CVE-2011-3007McAfee SaaS Endpoint Protection myCIOScn ActiveX控件远程代码执行漏洞
CVE-2011-3122WordPress未明安全漏洞
CVE-2011-3123IBM InfoSphere Information Server权限提升漏洞
CVE-2011-3124IBM InfoSphere Information Server权限提升漏洞
CVE-2011-2178Red Hat libvirt 安全漏洞
CVE-2011-3125WordPress未明安全漏洞
CVE-2011-3126WordPress信息泄露漏洞
CVE-2011-2134Adobe Flash Player缓冲区溢出漏洞
CVE-2011-2130Adobe Flash Player缓冲区溢出漏洞
CVE-2011-1979Microsoft Visio文件解析输入验证漏洞
CVE-2011-1978Microsoft .NET Framework套接字限制绕过漏洞
CVE-2011-1977Microsoft .NET Framework Chart控件信息泄露漏洞
CVE-2011-1976Microsoft Report Viewer控件跨站脚本攻击漏洞
CVE-2011-1975Microsoft Windows Data Access Components不可信搜索路径漏洞
CVE-2011-1974Microsoft Windows Remote Access Service NDISTAPI驱动程序权限提升漏洞
CVE-2011-1972Microsoft Visio流释放RCE漏洞

Showing top 20 of 47 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2011-3006

No comments yet

Leave a comment