CVE-2019-3646

Summary

DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and earlier allows local users to execute arbitrary code via execution from a compromised folder placed by an attacker with administrator rights.

Affected Software

VendorProductVersion RangeStatus
McAfee, LLCMcAfee Total Protection - Free Antivirus Trial16.0 <= 16.0.R18affected

Weaknesses

  • CWE-714: Malicious File Execution (CWE-714, OWASP 2004:A3)

ADP Enrichment

CVE Program Container

Additional References

References