{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "19265", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19265"}, {"tags": ["x_refsource_MISC"], "url": "http://www.eeye.com/html/research/upcoming/20060719.html"}, {"name": "1016614", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016614"}, {"name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"}, {"name": "27698", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27698"}, {"name": "ADV-2006-3096", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3096"}, {"tags": ["x_refsource_MISC"], "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"}, {"name": "21264", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21264"}, {"name": "VU#481212", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/481212"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3961", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "19265", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19265"}, {"name": "http://www.eeye.com/html/research/upcoming/20060719.html", "refsource": "MISC", "url": "http://www.eeye.com/html/research/upcoming/20060719.html"}, {"name": "1016614", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016614"}, {"name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"}, {"name": "27698", "refsource": "OSVDB", "url": "http://www.osvdb.org/27698"}, {"name": "ADV-2006-3096", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3096"}, {"name": "http://www.eeye.com/html/research/advisories/AD2006807.html", "refsource": "MISC", "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"}, {"name": "http://ts.mcafeehelp.com/faq3.asp?docid=407052", "refsource": "CONFIRM", "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"}, {"name": "21264", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21264"}, {"name": "VU#481212", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/481212"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:48:39.348Z"}, "title": "CVE Program Container", "references": [{"name": "19265", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/19265"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.eeye.com/html/research/upcoming/20060719.html"}, {"name": "1016614", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016614"}, {"name": "20060807 [EEYEB-20060719] McAfee Subscription Manager Stack Buffer Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"}, {"name": "27698", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/27698"}, {"name": "ADV-2006-3096", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3096"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"}, {"name": "21264", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21264"}, {"name": "VU#481212", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/481212"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3961", "datePublished": "2006-08-01T21:00:00", "dateReserved": "2006-08-01T00:00:00", "dateUpdated": "2024-08-07T18:48:39.348Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:antispyware:2005:*:*:*:*:*:*:*", "matchCriteriaId": "B862ADF2-A544-4729-9EE4-D140C58D6AEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:antispyware:2006:*:*:*:*:*:*:*", "matchCriteriaId": "5350EE37-53D7-4DFB-84FC-0FA6A7C1C123", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A7659-25FF-4E18-B2BA-34F6FD6410F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*", "matchCriteriaId": "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*", "matchCriteriaId": "7E69BB96-F48B-43DA-BA7B-530E5148CCC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:2004:*:*:*:*:*:*:*", "matchCriteriaId": "1F3E0836-557F-46C8-BBDE-955D3AEBB6B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:2005:*:*:*:*:*:*:*", "matchCriteriaId": "5F62AF06-16DD-4C6C-BD48-BFA08629739C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:personal_firewall_plus:2006:*:*:*:*:*:*:*", "matchCriteriaId": "134C4C4F-92A0-4B89-B06A-4FB8D9513AFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:privacy_service:2004:*:*:*:*:*:*:*", "matchCriteriaId": "0F945365-B065-44A6-8CEC-2CBCE4DD23C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:privacy_service:2005:*:*:*:*:*:*:*", "matchCriteriaId": "DB1AC389-8BBF-4784-ABCD-99E379AC6B75", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:privacy_service:2006:*:*:*:*:*:*:*", "matchCriteriaId": "8E03296D-5FC1-450D-BC05-6F6E9A90CF77", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:quickclean:2004:*:*:*:*:*:*:*", "matchCriteriaId": "931427A2-B69B-4418-8374-854A5F9420DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:quickclean:2005:*:*:*:*:*:*:*", "matchCriteriaId": "E19A9E38-E637-487A-BC06-F0CA6481E7EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:quickclean:2006:*:*:*:*:*:*:*", "matchCriteriaId": "AE3B1863-DBB3-4458-899B-CEEAD9275B17", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:security_center:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "DD547C9C-9D50-49ED-8EFE-1DD7484DDED5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:security_center:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "210F5447-4FC7-4278-9F2A-C64BBB5A86DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:security_center:6.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "BECBD40D-ACBD-4E88-B230-ECFE98FD9F5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:security_center:6.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "A82098C7-30FE-464E-891F-868A0209D9DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:spamkiller:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "0652B16C-7D9A-4743-AB54-6F205CA1E76D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:spamkiller:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "6CBC8F91-2534-4DAC-BDE3-AE49E19A6A8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:spamkiller:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B33F2AC-4BBE-4DE0-A61E-378972011BB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan:2004:*:*:*:*:*:*:*", "matchCriteriaId": "4D9B7B07-E3EF-4185-927C-CE308829B9A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan:2005:*:*:*:*:*:*:*", "matchCriteriaId": "F58D6A2F-AC08-4C1D-9ABF-4D675A1E87AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan:2006:*:*:*:*:*:*:*", "matchCriteriaId": "9E96246D-3184-4BBB-8675-9B1CBE0B977C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:wireless_home_network_security:2006:*:*:*:*:*:*:*", "matchCriteriaId": "3B3DC47F-853B-44B0-BD8B-C2EE4530B333", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in McSubMgr ActiveX control (mcsubmgr.dll) in McAfee Security Center 6.0.23 for Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, and QuickClean allows remote user-assisted attackers to execute arbitrary commands via long string parameters, which are later used in vsprintf."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en control ActiveX McSubMgr (mcsubmgr.dll) en McAfee Security Center 6.0.23 para Internet Security Suite 2006, Wireless Home Network Security, Personal Firewall Plus, VirusScan, Privacy Service, SpamKiller, AntiSpyware, y QuickClean permite a atacantes con la intervenci\u00f3n del usuario ejecutar comandos de su elecci\u00f3n a trav\u00e9s de par\u00e1ametros string, los cuales son posteriormente usados en vsprintf."}], "id": "CVE-2006-3961", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2006-08-01T21:04:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21264"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016614"}, {"source": "cve@mitre.org", "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"}, {"source": "cve@mitre.org", "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"}, {"source": "cve@mitre.org", "url": "http://www.eeye.com/html/research/upcoming/20060719.html"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/481212"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27698"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/19265"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/3096"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21264"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016614"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ts.mcafeehelp.com/faq3.asp?docid=407052"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.eeye.com/html/research/advisories/AD2006807.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.eeye.com/html/research/upcoming/20060719.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/481212"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/27698"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/442495/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/19265"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/3096"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}