A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them.
References
Link | Resource |
---|---|
https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trellix
Published: 2022-03-10T22:35:09
Updated: 2022-03-10T22:35:09
Reserved: 2022-01-19T00:00:00
Link: CVE-2022-0280
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-10T23:15:08.270
Modified: 2023-11-16T03:13:04.950
Link: CVE-2022-0280
JSON object: View
Redhat Information
No data.
CWE