McAfee.Source.Header.Buffer.Overflow
Description
This indicates a buffer overflow vulnerability in McAfee ePolicy Orchestrator and McAfee ProtectionPilot. The flaw is due to improper boundary checks when parsing HTTP request header fields.
Affected Products
McAfee ProtectionPilot 1.1.1 patch 2
McAfee ProtectionPilot 1.1.1
McAfee ProtectionPilot 1.1
McAfee ePolicy Orchestrator 3.0 SP2a
McAfee ePolicy Orchestrator 3.0
McAfee ePolicy Orchestrator 2.5.1
McAfee ePolicy Orchestrator 2.5 SP1
McAfee ePolicy Orchestrator 2.5
McAfee ePolicy Orchestrator 2.0
McAfee ePolicy Orchestrator 1.1
McAfee ePolicy Orchestrator 1.0
McAfee ePolicy Orchestrator 3.5 patch 5
McAfee ePolicy Orchestrator 3.5
Impact
The execution of arbitrary code
Recommended Actions
Apply vendor's patch.
For Protection Pilot 1.1.1 Patch 3:
For ePO 3.5 Patch 6:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |