CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-5156

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1140%
EPSS Percentile38.37th
Published2006年10月5日
Last Modified2026年4月23日

Vulnerability Description

Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.

Affected Platforms (CPE)

📦
Mcafee

Epolicy Orchestrator

= 3.0
📦
Mcafee

Epolicy Orchestrator

= 3.0
📦
Mcafee

Epolicy Orchestrator

= 3.5.0
📦
Mcafee

Protectionpilot

= 1.1.1

References & Advisories

🔗 http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt
🔗 http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt
🔗 http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&externalId=8611438&sliceId=SAL_Public&dialogID=2997768&stateId=0%200%202995803
🔗 http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html
🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html
🔗 http://secunia.com/advisories/22222
🔗 http://securitytracker.com/id?1016970
🔗 http://securitytracker.com/id?1016971

関連する脆弱性情報

CVE-2002-069010.0

Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code ...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...

CVE-2007-14989.3

Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console...

CVE-2015-87658.3

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix...