CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0690

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0360%
EPSS Percentile19.83th
PublishedApr 11, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings.

Affected Platforms (CPE)

πŸ“¦
Mcafee

Epolicy Orchestrator

= 2.5.1

References & Advisories

πŸ”— http://secunia.com/advisories/8311
πŸ”— http://www.atstake.com/research/advisories/2003/a031703-1.txt
πŸ”— http://www.osvdb.org/4375
πŸ”— http://www.securityfocus.com/archive/1/315230/30/25490/threaded
πŸ”— http://www.securityfocus.com/bid/7111
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/11559
πŸ”— http://secunia.com/advisories/8311
πŸ”— http://www.atstake.com/research/advisories/2003/a031703-1.txt

Related Vulnerabilities

CVE-2006-515610.0

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to ex...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...

CVE-2007-14989.3

Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console...

CVE-2015-87658.3

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix...