McAfee.Source.Header.Buffer.Overflow

description-logoDescription

This indicates a buffer overflow vulnerability in McAfee ePolicy Orchestrator and McAfee ProtectionPilot. The flaw is due to improper boundary checks when parsing HTTP request header fields.

affected-products-logoAffected Products

McAfee ProtectionPilot 1.1.1 patch 2
McAfee ProtectionPilot 1.1.1
McAfee ProtectionPilot 1.1
McAfee ePolicy Orchestrator 3.0 SP2a
McAfee ePolicy Orchestrator 3.0
McAfee ePolicy Orchestrator 2.5.1
McAfee ePolicy Orchestrator 2.5 SP1
McAfee ePolicy Orchestrator 2.5
McAfee ePolicy Orchestrator 2.0
McAfee ePolicy Orchestrator 1.1
McAfee ePolicy Orchestrator 1.0
McAfee ePolicy Orchestrator 3.5 patch 5
McAfee ePolicy Orchestrator 3.5

Impact logoImpact

The execution of arbitrary code

recomended-action-logoRecommended Actions

Apply vendor's patch.
For Protection Pilot 1.1.1 Patch 3:
For ePO 3.5 Patch 6:

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)