admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-36xx/CVE-2019-3667.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

127 lines
3.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-3667",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2019-12-11T07:15:10.360",
"lastModified": "2024-11-21T04:42:19.017",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Secuestro de \u00d3rdenes de B\u00fasqueda de DLL en el cliente de Microsoft Windows en McAfee Tech Check versi\u00f3n 3.0.0.17 y anteriores, permite a usuarios locales ejecutar c\u00f3digo arbitrario por medio de la carpeta local ubicada all\u00ed por parte de un atacante."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.8,
"impactScore": 5.3
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"baseScore": 4.4,
"accessVector": "LOCAL",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:techcheck:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.0.0.17",
"matchCriteriaId": "4020CEA9-7A0E-4B20-97C9-F5FFEE81FAAC"
}
]
}
]
}
],
"references": [
{
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102996",
"source": "trellixpsirt@trellix.com"
},
{
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102996",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink