CVE-2010-3496

medium

Trellix

CVSS v3 Base Score

6.4

AV:N/AC:L/Au:N/C:N/I:P/A:P

EPSS Score

1.5%

Exploitation probability in 30 days

Top 19% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

Published: August 22, 2012 (5013 days ago)

Last Modified: April 29, 2026

Vendor: Trellix

Source: NVD

Description

McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.

CWE

CWE-264

Affected Products

mcafee virusscan enterprise

References

🔗 www.n00bz.net 🔗 www.securityfocus.com 🔗 kc.mcafee.com 🔗 www.n00bz.net 🔗 www.securityfocus.com

CVE-2010-3496

Vulnerability Report

Description

CWE

Affected Products

References