CVE-2015-8992

{"id": "CVE-2015-8992", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}]}, "published": "2017-03-14T22:59:00.540", "references": [{"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de archivos maliciosos en Intel Security WebAdvisor en versiones anteriores a 4.0.2, 4.0.1 y 3.7.2 permite a atacantes hacer que el producto sea moment\u00e1neamente vulnerable a trav\u00e9s de la ejecuci\u00f3n de malware preexistente espec\u00edficamente manipulado durante la instalaci\u00f3n o desinstalaci\u00f3n, pero no durante el funcionamiento normal."}], "lastModified": "2017-03-23T18:19:30.977", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:security_webadvisor:3.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BB888A8-EE45-4DF3-BD5B-1FB4B18DDC49"}, {"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93820F52-CCB6-4999-948D-3D2120622EFA"}, {"criteria": "cpe:2.3:a:mcafee:security_webadvisor:4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8598A38-6CE3-4E06-A3AF-FB7CFFE32E60"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:cloud_av:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9555C8AA-3873-4377-9CE9-FDE9C3D72E08"}, {"criteria": "cpe:2.3:a:mcafee:security_scan_plus:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39058A15-0DFB-4B45-8F60-054D9E18F236"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}