CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1498

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile13.67th
PublishedMar 16, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.

Affected Platforms (CPE)

πŸ“¦
Mcafee

Epolicy Orchestrator

= 3.5.0
πŸ“¦
Mcafee

Epolicy Orchestrator

= 3.6.0
πŸ“¦
Mcafee

Epolicy Orchestrator

= 3.6.1
πŸ“¦
Mcafee

Protectionpilot

= 1.1.1
πŸ“¦
Mcafee

Protectionpilot

= 1.5.0

References & Advisories

πŸ”— http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html
πŸ”— http://secunia.com/advisories/24466
πŸ”— http://securityreason.com/securityalert/2444
πŸ”— http://www.kb.cert.org/vuls/id/714593
πŸ”— http://www.securityfocus.com/bid/22952
πŸ”— http://www.securitytracker.com/id?1017757
πŸ”— http://www.vupen.com/english/advisories/2007/0931
πŸ”— https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html

Related Vulnerabilities

CVE-2006-515610.0

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to ex...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...

CVE-2002-069010.0

Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code ...

CVE-2015-87658.3

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix...