Mcafee Application Control vulnerabilities

CVE-2016-8010 [HIGH] CWE-284 CVE-2016-8010: Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.

CVE-2016-8009 [HIGH] CWE-264 CVE-2016-8009: Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x ve Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.

CVE-2013-7460 [MEDIUM] CWE-284 CVE-2013-7460: A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Con A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.

CVE-2013-7461 [MEDIUM] CWE-284 CVE-2013-7461: A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.

CVE-2014-9920 [MEDIUM] CWE-284 CVE-2014-9920: Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Con Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered no

CVE-2016-1715 [MEDIUM] CWE-189 CVE-2016-1715: The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a

CVE-2012-4593 [MEDIUM] CWE-264 CVE-2012-4593: McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password re McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.