VShieldCheck in McAfee VirusScan for Mac (Virex) prior to 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee virex |
||
mcafee virex 6.2 |