CVE-2004-2635

Published: Dec 31, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method.

Affected (1)

Products: Mcafee: Security Installer Control System

Mcafee

1 product

Security Installer Control System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Security Installer Control System	Version 4.0.0.81

References (12)

http://archives.neohapsis.com/archives/ntbugtraq/2004-q2/0026.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/11493

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/5713

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/10236

Source: cve@mitre.org

http://www.securitytracker.com/alerts/2004/Apr/1009956.html

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/15994

Source: cve@mitre.org

http://archives.neohapsis.com/archives/ntbugtraq/2004-q2/0026.html