CVE-2019-3667: DLL Search Order Hijacking
First published: Wed Dec 11 2019(Updated: )
DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee TechCheck | <=3.0.0.17 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-3667?
CVE-2019-3667 is a DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier that allows local users to execute arbitrary code via the local folder placed there by an attacker.
How does CVE-2019-3667 affect McAfee Tech Check?
CVE-2019-3667 affects McAfee Tech Check 3.0.0.17 and earlier versions by allowing local users to execute arbitrary code via a local folder placed by an attacker.
What is the severity of CVE-2019-3667?
CVE-2019-3667 has a severity value of 7.8 (high).
How can I fix CVE-2019-3667 in McAfee Tech Check?
To fix CVE-2019-3667 in McAfee Tech Check, update to version 3.0.0.18 or later.
Where can I find more information about CVE-2019-3667?
You can find more information about CVE-2019-3667 at the following link: https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102996
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee techcheck
- version/mcafee techcheck/3.0.0.17