CVE-2007-1498

Currently unrated

Key Information:

Vendor: Mcafee
Status: Protectionpilot; Epolicy Orchestrator
Vendor: CVE Published:; 16 March 2007

Summary

Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.

References

http://www.securityfocus.com/bid/22952

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/2444

third-party-advisoryx_refsource_SREASON

http://www.vupen.com/english/advisories/2007/0931

vdb-entryx_refsource_VUPEN

EPSS Score

83% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 16, 2007
Vulnerability Reserved
Mar 16, 2007