McAfee Information for VU#714593
McAfee ePolicy Orchestrator and ProtectionPilot ActiveX control buffer overflow vulnerability
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 22 Mar 2007
On March 13, McAfee published a vulnerability announcement to its online knowledgebase and pro-actively contacted customers through various means to alert them of security patches posted which fix these non-critical security flaws. The security flaws in McAfee ePolicy Orchestrator and McAfee ProtectionPilot SiteManager.dll are only found on machines that have the management console installed on it and are only exploitable with the assistance of the end user. Very few machines in an organization should have this console installed on it, and it is not installed with any of McAfee's other products or the ePolicy Orchestrator and ProtectionPilot agent.
The vendor has not provided us with any further information regarding this vulnerability.
See https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html for more details.
If you have feedback, comments, or additional information about this vulnerability, please send us email.