Mcafee » Epolicy Orchestrator : Security Vulnerabilities, CVEs, Published In 2007 (Code Execution)
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.
Max CVSS
9.3
EPSS Score
88.79%
Published
2007-03-16
Updated
2011-03-08
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
Max CVSS
7.6
EPSS Score
3.63%
Published
2007-07-12
Updated
2017-07-20
2 vulnerabilities found