McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities

Bugtraq ID:	22952
Class:	Boundary Condition Error
CVE:	CVE-2007-1498 CVE-2008-1498
Remote:	Yes
Local:	No
Published:	Mar 13 2007 12:00AM
Updated:	Jul 06 2016 01:34PM
Credit:	Cocoruder of Fortinet Security discovered these issues.
Vulnerable:	McAfee ProtectionPilot 1.5 McAfee ProtectionPilot 1.1.1 patch 3 McAfee ePolicy Orchestrator 3.6.1 McAfee ePolicy Orchestrator 3.6 patch 5 McAfee ePolicy Orchestrator 3.5 patch 7 McAfee ePolicy Orchestrator 3.5 patch 6
Not Vulnerable:	McAfee ePolicy Orchestrator 3.6.1 patch 1

McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities

The SiteManager.DLL ActiveX control shipped with McAfee EPolicy Orchestrator is prone to multiple buffer-overflow vulnerabilities. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Various versions of McAfee EPolicy Orchestrator and ProtectionPilot are vulnerable to these issues.

McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities

Solution:
The vendor has released patches and upgrades to address these issues.

McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities

References:

• McAfee ePolicy Orchestrator (ePO) and ProtectionPilot (PRP) HotFixes fix multipl (McAfee)
  
• McAfee Homepage (McAfee)
  
• Vulnerability Note VU#714593 McAfee ePolicy Orchestrator and ProtectionPilot Act (US-CERT)