McAfee ePolicy Orchestrator 'conditionXML' Parameter XML External Entity Injection Vulnerability

Bugtraq ID: 71881
Class: Design Error
CVE: CVE-2015-0921
Remote: Yes
Local: No
Published: Jan 06 2015 12:00AM
Updated: Jan 28 2015 12:02AM
Credit: Brandon Perry
Vulnerable: McAfee ePolicy Orchestrator 3.7
McAfee ePolicy Orchestrator 3.6.1 Patch 4
McAfee ePolicy Orchestrator 3.6.1 patch 1
McAfee ePolicy Orchestrator 3.6.1
McAfee ePolicy Orchestrator 3.6 patch 5
McAfee ePolicy Orchestrator 3.6
McAfee ePolicy Orchestrator 3.5.5 .438
McAfee ePolicy Orchestrator 3.5.5
McAfee ePolicy Orchestrator 3.5 patch 7
McAfee ePolicy Orchestrator 3.0 SP2a
McAfee ePolicy Orchestrator 3.0
McAfee ePolicy Orchestrator 2.5.1
McAfee ePolicy Orchestrator 2.5 SP1
McAfee ePolicy Orchestrator 2.5
McAfee ePolicy Orchestrator 2.0
McAfee ePolicy Orchestrator 1.1
McAfee ePolicy Orchestrator 1.0
McAfee ePolicy Orchestrator 4.0
McAfee ePolicy Orchestrator 3.5 patch 6
McAfee ePolicy Orchestrator 3.5 patch 5
McAfee ePolicy Orchestrator 3.5
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus