Description
Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption.
References (8)
Core 8
Core References
Various Sources x_refsource_confirm
https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26029
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/36098
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2498
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018363
Third Party Advisory third-party-advisory
x_refsource_iss
http://www.iss.net/threats/269.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31162
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24863
Scores
EPSS
0.1263
EPSS Percentile
94.1%
Details
Status
published
Products (4)
mcafee/e-business_server
3.5
mcafee/e-business_server
3.6.1
mcafee/protectionpilot
1.1.1 (2 CPE variants)
mcafee/protectionpilot
1.5.0
Published
Jul 12, 2007
Tracked Since
Feb 18, 2026