McAfee ePolicy Orchestrator Local Information Disclosure Vulnerability

Network Associates McAfee ePolicy Orchestrator is susceptible to a local information disclosure vulnerability. This issue is due to incorrectly configured directory permissions in the default installation process of the application.

This vulnerability allows local attackers to access arbitrary files located in the same partition as the affected directory with SYSTEM privileges. This will aid them in further attacks.


Privacy Statement
Copyright 2010, SecurityFocus