Stack-based Buffer Overflow in McAfee ePolicy Orchestrator and Related Products
CVE-2006-5272

Currently unrated

Key Information:

Vendor: Mcafee
Status: Protectionpilot; E-business Server; Common Management Agent
Vendor: CVE Published:; 12 July 2007

Summary

A stack-based buffer overflow vulnerability exists in McAfee ePolicy Orchestrator and other related products, specifically in versions 3.5 to 3.6.1 of ePolicy Orchestrator, ProtectionPilot versions 1.1.1 and 1.5, and CMA version 3.6.0.453 and earlier. This flaw can be exploited by attackers sending specially crafted ping packets, potentially allowing them to execute arbitrary code on the affected systems, compromising the security and integrity of the network.

References

http://www.vupen.com/english/advisories/2007/2498

vdb-entryx_refsource_VUPEN

https://knowledge.mcafee.com/article/762/613365_f.SAL_Pub...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/31163

vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 12, 2007
Vulnerability Reserved
Oct 13, 2006