CVE-2013-7460

A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.

Published: Mar 14, 2017
Updated: Apr 13, 2023
CVE: CVE-2013-7460
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
mcafee / change_control	-	6.1.0.x
mcafee / application_control	-	6.1.0.x

https://kc.mcafee.com/corporate/index?page=content&id=SB10054

Vulnerability Database

289,599

CVE-2013-7460