A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: intel
Published: 2017-09-01T13:00:00Z
Updated: 2024-09-17T02:57:59.897Z
Reserved: 2016-12-26T00:00:00
Link: CVE-2017-3897
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-09-01T13:29:00.507
Modified: 2017-09-06T17:53:35.683
Link: CVE-2017-3897
Redhat
No data.