Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
12 vulnerabilities found for protectionpilot by mcafee
CVE-2006-5274 (GCVE-0-2006-5274)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:48
VLAI?
Summary
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36101",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5274",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:48:28.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5271 (GCVE-0-2006-5271)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "36098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36098"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-underflow(31162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31162"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "36098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36098"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-underflow(31162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31162"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "36098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36098"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-underflow(31162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31162"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5271",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5272 (GCVE-0-2006-5272)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5272",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5273 (GCVE-0-2006-5273)
Vulnerability from nvd – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "security-management-bo(31164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702",
"refsource": "MISC",
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5273",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1498 (GCVE-0-2007-1498)
Vulnerability from nvd – Published: 2007-03-16 22:00 – Updated: 2024-08-07 12:59
VLAI?
Summary
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2007-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22952"
},
{
"name": "2444",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2444"
},
{
"name": "ADV-2007-0931",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0931"
},
{
"name": "VU#714593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/714593"
},
{
"name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html"
},
{
"name": "1017757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017757"
},
{
"name": "24466",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24466"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-31T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22952"
},
{
"name": "2444",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2444"
},
{
"name": "ADV-2007-0931",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0931"
},
{
"name": "VU#714593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/714593"
},
{
"name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html"
},
{
"name": "1017757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017757"
},
{
"name": "24466",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24466"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22952"
},
{
"name": "2444",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2444"
},
{
"name": "ADV-2007-0931",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0931"
},
{
"name": "VU#714593",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/714593"
},
{
"name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html"
},
{
"name": "1017757",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017757"
},
{
"name": "24466",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24466"
},
{
"name": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html"
},
{
"name": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1498",
"datePublished": "2007-03-16T22:00:00.000Z",
"dateReserved": "2007-03-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5156 (GCVE-0-2006-5156)
Vulnerability from nvd – Published: 2006-10-03 23:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2006-10-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:04.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf"
},
{
"name": "1016970",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016970"
},
{
"name": "1016971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016971"
},
{
"name": "epolicy-source-header-bo(29307)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29307"
},
{
"name": "20288",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20288"
},
{
"name": "29421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29421"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt"
},
{
"name": "ADV-2006-3861",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3861"
},
{
"name": "20061002 McAfee EPO Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html"
},
{
"name": "22222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803"
},
{
"name": "VU#842452",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/842452"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf"
},
{
"name": "1016970",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016970"
},
{
"name": "1016971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016971"
},
{
"name": "epolicy-source-header-bo(29307)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29307"
},
{
"name": "20288",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20288"
},
{
"name": "29421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29421"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt"
},
{
"name": "ADV-2006-3861",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3861"
},
{
"name": "20061002 McAfee EPO Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html"
},
{
"name": "22222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803"
},
{
"name": "VU#842452",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/842452"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf",
"refsource": "MISC",
"url": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf"
},
{
"name": "1016970",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016970"
},
{
"name": "1016971",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016971"
},
{
"name": "epolicy-source-header-bo(29307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29307"
},
{
"name": "20288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20288"
},
{
"name": "29421",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29421"
},
{
"name": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt",
"refsource": "CONFIRM",
"url": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt"
},
{
"name": "ADV-2006-3861",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3861"
},
{
"name": "20061002 McAfee EPO Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html"
},
{
"name": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html"
},
{
"name": "22222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22222"
},
{
"name": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803",
"refsource": "CONFIRM",
"url": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803"
},
{
"name": "VU#842452",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/842452"
},
{
"name": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt",
"refsource": "CONFIRM",
"url": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5156",
"datePublished": "2006-10-03T23:00:00.000Z",
"dateReserved": "2006-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:04.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5274 (GCVE-0-2006-5274)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:48
VLAI?
Summary
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36101",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36101"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-overflow(31165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31165"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5274",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:48:28.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5271 (GCVE-0-2006-5271)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "36098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36098"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-underflow(31162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31162"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "36098",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36098"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-underflow(31162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31162"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "36098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36098"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "security-management-integer-underflow(31162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31162"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5271",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5272 (GCVE-0-2006-5272)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html"
},
{
"name": "security-management-ping-bo(31163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31163"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "36099",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36099"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5272",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5273 (GCVE-0-2006-5273)
Vulnerability from cvelistv5 – Published: 2007-07-12 00:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2007-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "security-management-bo(31164)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26029"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/269.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "security-management-bo(31164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31164"
},
{
"name": "ADV-2007-2498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2498"
},
{
"name": "1018363",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018363"
},
{
"name": "26029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26029"
},
{
"name": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702",
"refsource": "MISC",
"url": "http://www.nessus.org/plugins/index.php?view=single\u0026id=25702"
},
{
"name": "36100",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36100"
},
{
"name": "20070710 McAfee ePolicy Orchestrator Agent Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/269.html"
},
{
"name": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html"
},
{
"name": "24863",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5273",
"datePublished": "2007-07-12T00:00:00.000Z",
"dateReserved": "2006-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:05.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1498 (GCVE-0-2007-1498)
Vulnerability from cvelistv5 – Published: 2007-03-16 22:00 – Updated: 2024-08-07 12:59
VLAI?
Summary
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2007-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22952"
},
{
"name": "2444",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2444"
},
{
"name": "ADV-2007-0931",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0931"
},
{
"name": "VU#714593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/714593"
},
{
"name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html"
},
{
"name": "1017757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017757"
},
{
"name": "24466",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24466"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-31T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22952"
},
{
"name": "2444",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2444"
},
{
"name": "ADV-2007-0931",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0931"
},
{
"name": "VU#714593",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/714593"
},
{
"name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html"
},
{
"name": "1017757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017757"
},
{
"name": "24466",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24466"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22952"
},
{
"name": "2444",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2444"
},
{
"name": "ADV-2007-0931",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0931"
},
{
"name": "VU#714593",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/714593"
},
{
"name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html"
},
{
"name": "1017757",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017757"
},
{
"name": "24466",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24466"
},
{
"name": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html"
},
{
"name": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1498",
"datePublished": "2007-03-16T22:00:00.000Z",
"dateReserved": "2007-03-16T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:59:08.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5156 (GCVE-0-2006-5156)
Vulnerability from cvelistv5 – Published: 2006-10-03 23:00 – Updated: 2024-08-07 19:41
VLAI?
Summary
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Date Public ?
2006-10-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:04.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf"
},
{
"name": "1016970",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016970"
},
{
"name": "1016971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016971"
},
{
"name": "epolicy-source-header-bo(29307)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29307"
},
{
"name": "20288",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20288"
},
{
"name": "29421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29421"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt"
},
{
"name": "ADV-2006-3861",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3861"
},
{
"name": "20061002 McAfee EPO Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html"
},
{
"name": "22222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803"
},
{
"name": "VU#842452",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/842452"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf"
},
{
"name": "1016970",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016970"
},
{
"name": "1016971",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016971"
},
{
"name": "epolicy-source-header-bo(29307)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29307"
},
{
"name": "20288",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20288"
},
{
"name": "29421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29421"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt"
},
{
"name": "ADV-2006-3861",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3861"
},
{
"name": "20061002 McAfee EPO Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html"
},
{
"name": "22222",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803"
},
{
"name": "VU#842452",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/842452"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5156",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf",
"refsource": "MISC",
"url": "http://www.remote-exploit.org/advisories/mcafee-epo.pdf"
},
{
"name": "1016970",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016970"
},
{
"name": "1016971",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016971"
},
{
"name": "epolicy-source-header-bo(29307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29307"
},
{
"name": "20288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20288"
},
{
"name": "29421",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29421"
},
{
"name": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt",
"refsource": "CONFIRM",
"url": "http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt"
},
{
"name": "ADV-2006-3861",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3861"
},
{
"name": "20061002 McAfee EPO Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html"
},
{
"name": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html",
"refsource": "CONFIRM",
"url": "http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html"
},
{
"name": "22222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22222"
},
{
"name": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803",
"refsource": "CONFIRM",
"url": "http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC\u0026docType=kc\u0026externalId=8611438\u0026sliceId=SAL_Public\u0026dialogID=2997768\u0026stateId=0%200%202995803"
},
{
"name": "VU#842452",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/842452"
},
{
"name": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt",
"refsource": "CONFIRM",
"url": "http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5156",
"datePublished": "2006-10-03T23:00:00.000Z",
"dateReserved": "2006-10-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:41:04.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}