CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5156

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1140%
EPSS Percentile38.37th
PublishedOct 5, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.

Affected Platforms (CPE)

πŸ“¦
Mcafee

Epolicy Orchestrator

= 3.0
πŸ“¦
Mcafee

Epolicy Orchestrator

= 3.0
πŸ“¦
Mcafee

Epolicy Orchestrator

= 3.5.0
πŸ“¦
Mcafee

Protectionpilot

= 1.1.1

References & Advisories

πŸ”— http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt
πŸ”— http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt
πŸ”— http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&externalId=8611438&sliceId=SAL_Public&dialogID=2997768&stateId=0%200%202995803
πŸ”— http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html
πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html
πŸ”— http://secunia.com/advisories/22222
πŸ”— http://securitytracker.com/id?1016970
πŸ”— http://securitytracker.com/id?1016971

Related Vulnerabilities

CVE-2002-069010.0

Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code ...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...

CVE-2007-14989.3

Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console...

CVE-2015-87658.3

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix...