VDB
CVE-2007-1498
CVE-2007-1498
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.
EPSS 28.08% · 96.6th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
28.08%
96.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mcafee | protectionpilot | 1.1.1, 1.5.0 |
| n/a | n/a | * |
| mcafee | epolicy_orchestrator | 3.6.0, 3.6.1, 3.5.0 |
Timeline
- Mar 16, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Aug 18, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- 22952 vdb
- 2444 third-party-advisory
- ADV-2007-0931 vdb
- VU#714593 third-party-advisory
- 20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities mailing-list
- 1017757 vdb
- 24466 third-party-advisory
- https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html url
- https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html url
- https://nvd.nist.gov/vuln/detail/CVE-2007-1498 advisory