mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-27 05:01:13 +01:00
879 B
879 B
CVE-2011-3006
Description
The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS Endpoint Protection 5.2.1 and earlier allows remote attackers to bypass the MyASUtil.SecureObjectFactory.CreateSecureObject domain execution policy using a cross-site scripting (XSS) attack, execute arbitrary code using the MyASUtil.InstallInfo.RunUserProgram function, and possibly conduct other unspecified attacks.
POC
Reference
Github
No PoCs found on GitHub currently.