McAfee EPolicy Orchestrator SiteManager.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities

The SiteManager.DLL ActiveX control shipped with McAfee EPolicy Orchestrator is prone to multiple buffer-overflow vulnerabilities. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer.

Various versions of McAfee EPolicy Orchestrator and ProtectionPilot are vulnerable to these issues.


Privacy Statement
Copyright 2010, SecurityFocus