----------------------------------------------------------------------

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

Join the FREE BETA test of the Network Software Inspector (NSI)!
http://secunia.com/network_software_inspector/

The NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.

----------------------------------------------------------------------

TITLE:
McAfee SecurityCenter Subscription Manager ActiveX Control Buffer
Overflow

SECUNIA ADVISORY ID:
SA25173

VERIFY ADVISORY:
http://secunia.com/advisories/25173/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

SOFTWARE:
McAfee Wireless Home Network Security 2006
http://secunia.com/product/11211/
McAfee VirusScan Professional 8.x
http://secunia.com/product/5273/
McAfee VirusScan Plus 2007
http://secunia.com/product/14170/
McAfee VirusScan Enterprise 8.x
http://secunia.com/product/3948/
McAfee VirusScan 9.x/2005
http://secunia.com/product/4792/
McAfee VirusScan 8.x/2004
http://secunia.com/product/4740/
McAfee VirusScan 10.x/2006
http://secunia.com/product/9052/
McAfee Total Protection 2007
http://secunia.com/product/14169/
McAfee SpamKiller 7.x
http://secunia.com/product/7790/
McAfee SpamKiller 6.x
http://secunia.com/product/14173/
McAfee SpamKiller 5.x
http://secunia.com/product/6438/
McAfee SecurityCenter 7.x
http://secunia.com/product/14177/
McAfee SecurityCenter 6.x
http://secunia.com/product/6437/
McAfee QuickClean 6.x
http://secunia.com/product/14176/
McAfee QuickClean 5.x
http://secunia.com/product/14175/
McAfee QuickClean 4.x
http://secunia.com/product/14174/
McAfee Privacy Service 6.x
http://secunia.com/product/6481/
McAfee Personal Firewall Plus 7.x/2006
http://secunia.com/product/267/
McAfee PC Protection Plus 2007
http://secunia.com/product/14171/
McAfee Internet Security Suite 2007
http://secunia.com/product/14168/
McAfee Internet Security Suite 2006
http://secunia.com/product/11210/
McAfee Internet Security Suite 2005
http://secunia.com/product/4930/
McAfee AntiSpyware 6.x
http://secunia.com/product/6439/
McAfee SecurityCenter 4.x
http://secunia.com/product/11219/

DESCRIPTION:
A vulnerability has been reported in various McAfee products, which
can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error within the SecurityCenter
Subscription Manager ActiveX control (McSubMgr.dll) when handling the
"IsOldAppInstalled()" method. This can be exploited to cause a buffer
overflow via a specially crafted argument passed to the said method.

Successful exploitation allows execution of arbitrary code when a
user visits a malicious website.

The vulnerability affects versions prior to 7.2.147 and 6.0.25.

SOLUTION:
The fix has reportedly been available via automatic updates since
March 22, 2007.

Update to Security Center version 7.2.147 and 6.0.25, or higher.
http://us.mcafee.com/root/login.asp

Set the kill-bit for the affected ActiveX control.

PROVIDED AND/OR DISCOVERED BY:
Discovered by Peter Vreugdenhil and reported via iDefense Labs.

ORIGINAL ADVISORY:
McAfee:
http://ts.mcafeehelp.com/faq3.asp?docid=419189

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=528

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------