Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.
Fixes

Solution

No solution given by the vendor.


Workaround

Remote logging is disabled by default. Turning off remote logging protects against this issue.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: trellix

Published:

Updated: 2024-08-05T06:10:11.293Z

Reserved: 2018-02-06T00:00:00

Link: CVE-2018-6703

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-12-11T23:29:00.983

Modified: 2024-11-21T04:11:07.200

Link: CVE-2018-6703

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.