Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for common_management_agent by mcafee

    CVE-2009-5115 (GCVE-0-2009-5115)

    Vulnerability from nvd – Published: 2012-08-22 10:00 – Updated: 2024-08-07 07:32
    VLAI
    Summary
    McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-06-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:32:22.379Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
              },
              {
                "name": "mcafee-cma-file-overwrite(78446)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
            },
            {
              "name": "mcafee-cma-file-overwrite(78446)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-5115",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
                },
                {
                  "name": "mcafee-cma-file-overwrite(78446)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-5115",
        "datePublished": "2012-08-22T10:00:00.000Z",
        "dateReserved": "2012-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:32:22.379Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5273 (GCVE-0-2006-5273)

    Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2498 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018363 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/26029 third-party-advisoryx_refsource_SECUNIA
    http://www.nessus.org/plugins/index.php?view=sing… x_refsource_MISC
    http://www.osvdb.org/36100 vdb-entryx_refsource_OSVDB
    http://www.iss.net/threats/269.html third-party-advisoryx_refsource_ISS
    https://knowledge.mcafee.com/article/763/613366_f… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/24863 vdb-entryx_refsource_BID
    Date Public
    2007-07-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:05.351Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "security-management-bo(31164)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
              },
              {
                "name": "ADV-2007-2498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2498"
              },
              {
                "name": "1018363",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018363"
              },
              {
                "name": "26029",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26029"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
              },
              {
                "name": "36100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36100"
              },
              {
                "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/threats/269.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
              },
              {
                "name": "24863",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24863"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "security-management-bo(31164)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
            },
            {
              "name": "ADV-2007-2498",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2498"
            },
            {
              "name": "1018363",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018363"
            },
            {
              "name": "26029",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26029"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
            },
            {
              "name": "36100",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36100"
            },
            {
              "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://www.iss.net/threats/269.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
            },
            {
              "name": "24863",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24863"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5273",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "security-management-bo(31164)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
                },
                {
                  "name": "ADV-2007-2498",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2498"
                },
                {
                  "name": "1018363",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018363"
                },
                {
                  "name": "26029",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26029"
                },
                {
                  "name": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702",
                  "refsource": "MISC",
                  "url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
                },
                {
                  "name": "36100",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36100"
                },
                {
                  "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                  "refsource": "ISS",
                  "url": "http://www.iss.net/threats/269.html"
                },
                {
                  "name": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
                },
                {
                  "name": "24863",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24863"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5273",
        "datePublished": "2007-07-12T00:00:00.000Z",
        "dateReserved": "2006-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:05.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5272 (GCVE-0-2006-5272)

    Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/2498 vdb-entryx_refsource_VUPEN
    https://knowledge.mcafee.com/article/762/613365_f… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securitytracker.com/id?1018363 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/36099 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/26029 third-party-advisoryx_refsource_SECUNIA
    http://www.iss.net/threats/269.html third-party-advisoryx_refsource_ISS
    http://www.securityfocus.com/bid/24863 vdb-entryx_refsource_BID
    Date Public
    2007-07-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:05.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-2498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2498"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
              },
              {
                "name": "security-management-ping-bo(31163)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
              },
              {
                "name": "1018363",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018363"
              },
              {
                "name": "36099",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36099"
              },
              {
                "name": "26029",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26029"
              },
              {
                "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/threats/269.html"
              },
              {
                "name": "24863",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24863"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2007-2498",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2498"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
            },
            {
              "name": "security-management-ping-bo(31163)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
            },
            {
              "name": "1018363",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018363"
            },
            {
              "name": "36099",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36099"
            },
            {
              "name": "26029",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26029"
            },
            {
              "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://www.iss.net/threats/269.html"
            },
            {
              "name": "24863",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24863"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5272",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-2498",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2498"
                },
                {
                  "name": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
                },
                {
                  "name": "security-management-ping-bo(31163)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
                },
                {
                  "name": "1018363",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018363"
                },
                {
                  "name": "36099",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36099"
                },
                {
                  "name": "26029",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26029"
                },
                {
                  "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                  "refsource": "ISS",
                  "url": "http://www.iss.net/threats/269.html"
                },
                {
                  "name": "24863",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24863"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5272",
        "datePublished": "2007-07-12T00:00:00.000Z",
        "dateReserved": "2006-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:05.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5274 (GCVE-0-2006-5274)

    Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:48
    VLAI
    Summary
    Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/36101 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2007/2498 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018363 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/26029 third-party-advisoryx_refsource_SECUNIA
    https://knowledge.mcafee.com/article/764/613367_f… x_refsource_CONFIRM
    http://www.iss.net/threats/269.html third-party-advisoryx_refsource_ISS
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/24863 vdb-entryx_refsource_BID
    Date Public
    2007-07-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:48:28.638Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36101"
              },
              {
                "name": "ADV-2007-2498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2498"
              },
              {
                "name": "1018363",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018363"
              },
              {
                "name": "26029",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26029"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
              },
              {
                "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/threats/269.html"
              },
              {
                "name": "security-management-integer-overflow(31165)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
              },
              {
                "name": "24863",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24863"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "36101",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36101"
            },
            {
              "name": "ADV-2007-2498",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2498"
            },
            {
              "name": "1018363",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018363"
            },
            {
              "name": "26029",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26029"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
            },
            {
              "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://www.iss.net/threats/269.html"
            },
            {
              "name": "security-management-integer-overflow(31165)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
            },
            {
              "name": "24863",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24863"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5274",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36101",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36101"
                },
                {
                  "name": "ADV-2007-2498",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2498"
                },
                {
                  "name": "1018363",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018363"
                },
                {
                  "name": "26029",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26029"
                },
                {
                  "name": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
                },
                {
                  "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                  "refsource": "ISS",
                  "url": "http://www.iss.net/threats/269.html"
                },
                {
                  "name": "security-management-integer-overflow(31165)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
                },
                {
                  "name": "24863",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24863"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5274",
        "datePublished": "2007-07-12T00:00:00.000Z",
        "dateReserved": "2006-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:48:28.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-4505 (GCVE-0-2005-4505)

    Vulnerability from nvd – Published: 2005-12-23 00:00 – Updated: 2024-08-07 23:46
    VLAI
    Summary
    Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://reedarvin.thearvins.com/20051222-01.html x_refsource_MISC
    http://www.securityfocus.com/archive/1/420104/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2005/3077 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015404 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/292 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/16040 vdb-entryx_refsource_BID
    Date Public
    2005-12-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:46:05.544Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://reedarvin.thearvins.com/20051222-01.html"
              },
              {
                "name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
              },
              {
                "name": "mcafee-naprdmgr-privilege-escalation(23815)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
              },
              {
                "name": "ADV-2005-3077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/3077"
              },
              {
                "name": "1015404",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015404"
              },
              {
                "name": "292",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/292"
              },
              {
                "name": "16040",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16040"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-12-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://reedarvin.thearvins.com/20051222-01.html"
            },
            {
              "name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
            },
            {
              "name": "mcafee-naprdmgr-privilege-escalation(23815)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
            },
            {
              "name": "ADV-2005-3077",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/3077"
            },
            {
              "name": "1015404",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015404"
            },
            {
              "name": "292",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/292"
            },
            {
              "name": "16040",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16040"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-4505",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://reedarvin.thearvins.com/20051222-01.html",
                  "refsource": "MISC",
                  "url": "http://reedarvin.thearvins.com/20051222-01.html"
                },
                {
                  "name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
                },
                {
                  "name": "mcafee-naprdmgr-privilege-escalation(23815)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
                },
                {
                  "name": "ADV-2005-3077",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/3077"
                },
                {
                  "name": "1015404",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015404"
                },
                {
                  "name": "292",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/292"
                },
                {
                  "name": "16040",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16040"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-4505",
        "datePublished": "2005-12-23T00:00:00.000Z",
        "dateReserved": "2005-12-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:46:05.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-5115 (GCVE-0-2009-5115)

    Vulnerability from cvelistv5 – Published: 2012-08-22 10:00 – Updated: 2024-08-07 07:32
    VLAI
    Summary
    McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-06-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:32:22.379Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
              },
              {
                "name": "mcafee-cma-file-overwrite(78446)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
            },
            {
              "name": "mcafee-cma-file-overwrite(78446)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-5115",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002",
                  "refsource": "CONFIRM",
                  "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10002"
                },
                {
                  "name": "mcafee-cma-file-overwrite(78446)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78446"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-5115",
        "datePublished": "2012-08-22T10:00:00.000Z",
        "dateReserved": "2012-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T07:32:22.379Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5273 (GCVE-0-2006-5273)

    Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/2498 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018363 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/26029 third-party-advisoryx_refsource_SECUNIA
    http://www.nessus.org/plugins/index.php?view=sing… x_refsource_MISC
    http://www.osvdb.org/36100 vdb-entryx_refsource_OSVDB
    http://www.iss.net/threats/269.html third-party-advisoryx_refsource_ISS
    https://knowledge.mcafee.com/article/763/613366_f… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/24863 vdb-entryx_refsource_BID
    Date Public
    2007-07-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:05.351Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "security-management-bo(31164)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
              },
              {
                "name": "ADV-2007-2498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2498"
              },
              {
                "name": "1018363",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018363"
              },
              {
                "name": "26029",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26029"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
              },
              {
                "name": "36100",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36100"
              },
              {
                "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/threats/269.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
              },
              {
                "name": "24863",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24863"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "security-management-bo(31164)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
            },
            {
              "name": "ADV-2007-2498",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2498"
            },
            {
              "name": "1018363",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018363"
            },
            {
              "name": "26029",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26029"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
            },
            {
              "name": "36100",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36100"
            },
            {
              "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://www.iss.net/threats/269.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
            },
            {
              "name": "24863",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24863"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5273",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "security-management-bo(31164)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
                },
                {
                  "name": "ADV-2007-2498",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2498"
                },
                {
                  "name": "1018363",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018363"
                },
                {
                  "name": "26029",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26029"
                },
                {
                  "name": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702",
                  "refsource": "MISC",
                  "url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
                },
                {
                  "name": "36100",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36100"
                },
                {
                  "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                  "refsource": "ISS",
                  "url": "http://www.iss.net/threats/269.html"
                },
                {
                  "name": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
                },
                {
                  "name": "24863",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24863"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5273",
        "datePublished": "2007-07-12T00:00:00.000Z",
        "dateReserved": "2006-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:05.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5272 (GCVE-0-2006-5272)

    Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
    VLAI
    Summary
    Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2007/2498 vdb-entryx_refsource_VUPEN
    https://knowledge.mcafee.com/article/762/613365_f… x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securitytracker.com/id?1018363 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/36099 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/26029 third-party-advisoryx_refsource_SECUNIA
    http://www.iss.net/threats/269.html third-party-advisoryx_refsource_ISS
    http://www.securityfocus.com/bid/24863 vdb-entryx_refsource_BID
    Date Public
    2007-07-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:41:05.763Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-2498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2498"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
              },
              {
                "name": "security-management-ping-bo(31163)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
              },
              {
                "name": "1018363",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018363"
              },
              {
                "name": "36099",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36099"
              },
              {
                "name": "26029",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26029"
              },
              {
                "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/threats/269.html"
              },
              {
                "name": "24863",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24863"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2007-2498",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2498"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
            },
            {
              "name": "security-management-ping-bo(31163)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
            },
            {
              "name": "1018363",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018363"
            },
            {
              "name": "36099",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36099"
            },
            {
              "name": "26029",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26029"
            },
            {
              "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://www.iss.net/threats/269.html"
            },
            {
              "name": "24863",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24863"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5272",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-2498",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2498"
                },
                {
                  "name": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
                },
                {
                  "name": "security-management-ping-bo(31163)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
                },
                {
                  "name": "1018363",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018363"
                },
                {
                  "name": "36099",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36099"
                },
                {
                  "name": "26029",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26029"
                },
                {
                  "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                  "refsource": "ISS",
                  "url": "http://www.iss.net/threats/269.html"
                },
                {
                  "name": "24863",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24863"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5272",
        "datePublished": "2007-07-12T00:00:00.000Z",
        "dateReserved": "2006-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:41:05.763Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5274 (GCVE-0-2006-5274)

    Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:48
    VLAI
    Summary
    Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/36101 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2007/2498 vdb-entryx_refsource_VUPEN
    http://www.securitytracker.com/id?1018363 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/26029 third-party-advisoryx_refsource_SECUNIA
    https://knowledge.mcafee.com/article/764/613367_f… x_refsource_CONFIRM
    http://www.iss.net/threats/269.html third-party-advisoryx_refsource_ISS
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/24863 vdb-entryx_refsource_BID
    Date Public
    2007-07-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:48:28.638Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36101",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/36101"
              },
              {
                "name": "ADV-2007-2498",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2498"
              },
              {
                "name": "1018363",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018363"
              },
              {
                "name": "26029",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26029"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
              },
              {
                "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_ISS",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/threats/269.html"
              },
              {
                "name": "security-management-integer-overflow(31165)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
              },
              {
                "name": "24863",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24863"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "36101",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/36101"
            },
            {
              "name": "ADV-2007-2498",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2498"
            },
            {
              "name": "1018363",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018363"
            },
            {
              "name": "26029",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26029"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
            },
            {
              "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
              "tags": [
                "third-party-advisory",
                "x_refsource_ISS"
              ],
              "url": "http://www.iss.net/threats/269.html"
            },
            {
              "name": "security-management-integer-overflow(31165)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
            },
            {
              "name": "24863",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24863"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5274",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "36101",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/36101"
                },
                {
                  "name": "ADV-2007-2498",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2498"
                },
                {
                  "name": "1018363",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018363"
                },
                {
                  "name": "26029",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26029"
                },
                {
                  "name": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html",
                  "refsource": "CONFIRM",
                  "url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
                },
                {
                  "name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
                  "refsource": "ISS",
                  "url": "http://www.iss.net/threats/269.html"
                },
                {
                  "name": "security-management-integer-overflow(31165)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
                },
                {
                  "name": "24863",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24863"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5274",
        "datePublished": "2007-07-12T00:00:00.000Z",
        "dateReserved": "2006-10-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:48:28.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-4505 (GCVE-0-2005-4505)

    Vulnerability from cvelistv5 – Published: 2005-12-23 00:00 – Updated: 2024-08-07 23:46
    VLAI
    Summary
    Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://reedarvin.thearvins.com/20051222-01.html x_refsource_MISC
    http://www.securityfocus.com/archive/1/420104/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2005/3077 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015404 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/292 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/16040 vdb-entryx_refsource_BID
    Date Public
    2005-12-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T23:46:05.544Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://reedarvin.thearvins.com/20051222-01.html"
              },
              {
                "name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
              },
              {
                "name": "mcafee-naprdmgr-privilege-escalation(23815)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
              },
              {
                "name": "ADV-2005-3077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/3077"
              },
              {
                "name": "1015404",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015404"
              },
              {
                "name": "292",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/292"
              },
              {
                "name": "16040",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16040"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-12-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://reedarvin.thearvins.com/20051222-01.html"
            },
            {
              "name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
            },
            {
              "name": "mcafee-naprdmgr-privilege-escalation(23815)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
            },
            {
              "name": "ADV-2005-3077",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/3077"
            },
            {
              "name": "1015404",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015404"
            },
            {
              "name": "292",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/292"
            },
            {
              "name": "16040",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16040"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-4505",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted \"Program Files\" path."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://reedarvin.thearvins.com/20051222-01.html",
                  "refsource": "MISC",
                  "url": "http://reedarvin.thearvins.com/20051222-01.html"
                },
                {
                  "name": "20051222 Privilege escalation in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/420104/100/0/threaded"
                },
                {
                  "name": "mcafee-naprdmgr-privilege-escalation(23815)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23815"
                },
                {
                  "name": "ADV-2005-3077",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/3077"
                },
                {
                  "name": "1015404",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015404"
                },
                {
                  "name": "292",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/292"
                },
                {
                  "name": "16040",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16040"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-4505",
        "datePublished": "2005-12-23T00:00:00.000Z",
        "dateReserved": "2005-12-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T23:46:05.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }