A security researcher has discovered a vulnerability in McAfee's VirusScan Command Line Scanner antivirus software that could enable remote attackers to execute malicious code.
The flaw affects VirusScan versions 4510e and older and is caused by a glitch in an embedded DT_RPATH tag, which instructs the software to search the working directory for shared library files in Linux.
An attacker could exploit the flaw by getting a user to run a scan on a rigged file in the directory where they saved it, which would allow the execution of malicious code on the system with user privileges, according to Jakub Moc, a security researcher with Gentoo Linux, who was credited with discovering the vulnerability.
"This is very easy to exploit, and if VirusScan is used in a mail scanner on a mail server, just sending someone an e-mail with an attachment with the right name would execute it," Moc said.
Gentoo Linux rated the severity of the threat as "high," or 3 on a 3-point scale, and Symantec Deepsight gave it an aggregate threat score of 7.8 out of 10. However, the French Security Incident Research Team rated the flaw as "moderate," or 2 on a 4-point scale.