Integer Underflow Vulnerability in McAfee ePolicy Orchestrator and ProtectionPilot
CVE-2006-5271

Currently unrated

Key Information:

Vendor: Mcafee
Status: Protectionpilot; E-business Server
Vendor: CVE Published:; 12 July 2007

Summary

The vulnerability occurs in multiple versions of McAfee ePolicy Orchestrator, ProtectionPilot, and Common Management Agent. It is caused by an integer underflow that enables remote attackers to send specially crafted UDP packets. This results in stack corruption, potentially leading to the execution of arbitrary code on the affected system.

References

http://www.vupen.com/english/advisories/2007/2498

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1018363

vdb-entryx_refsource_SECTRACK

https://knowledge.mcafee.com/article/761/613364_f.SAL_Pub...

x_refsource_CONFIRM

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 12, 2007
Vulnerability Reserved
Oct 13, 2006