CVE-2009-5118

Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share.

Published: Aug 22, 2012
Updated: Apr 13, 2023
CVE: CVE-2009-5118
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mcafee / virusscan_enterprise	-	8.5i.x
mcafee / virusscan_enterprise	8.0i	8.0i.x
mcafee / virusscan_enterprise	8.0i-p11	8.0i-p11.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/78448
https://kc.mcafee.com/corporate/index?page=content&id=SB10013

Vulnerability Database

289,697

CVE-2009-5118