CVE-2012-4598

EUVD-2012-4523
An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via a crafted web site.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
mcafeemcafee_virtual_technician
𝑥
≤ 6.3.0.1911
mcafeeepo_mcafee_virtual_technician
𝑥
≤ 1.0.7
mcafeeepo_mcafee_virtual_technician
1.0
mcafeeepo_mcafee_virtual_technician
1.0.4.0
𝑥
= Vulnerable software versions
References
https://kc.mcafee.com/corporate/index?page=content&id=SB10028
https://kc.mcafee.com/corporate/index?page=content&id=SB10028