McAfee.Framework.ePolicy.Format.String
Description
This indicates a format string vulnerability in McAfee ePolicy Orchestrator.
McAfee ePolicy Orchestrator does not properly validate user controlled input. Specially crafted user supplied strings can allow a remote attacker to execute arbitrary code.
Affected Products
McAfee ePolicy Orchestrator 4.0 and prior.
McAfee Common Management Agent 3.6.0.574(patch 3) and prior.
Impact
System compromise
Recommended Actions
Apply the update from the vendor.
http://download.nai.com/products/patches/epo/cma/v3.6.0/CMA3603HF398370.Zip
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |