Intrusion Prevention

McAfee.ePolicy.Orchestrator.SiteManager.dll.ActiveX.Access

Description

This indicates an attack attempt against multiple vulnerabilities in McAfee ePolicy Orchestrator.
The vulnerabilities are caused by buffer-overflow errors in the "SiteManager.dll" ActiveX control. It may allow a remote attacker to execute arbitrary code by enticing users into visiting a specially crafted web page.

Affected Products

McAfee ePolicy Orchestrator (ePO) versions 3.x
McAfee ProtectionPilot versions 1.x

Impact

System compromise.

Recommended Actions

Apply the patches supplied by the vendor:
https://mysupport.mcafee.com/eservice_enu/start.swe

CVE References

CVE-2007-1498