McAfee ePolicy Orchestrator Agent HTTP POST Buffer Mismanagement Vulnerability

The McAfee ePolicy Orchestrator agent has been reported to a buffer management vulnerability that may be exploited to crash the affected agent. Although unconfirmed, it has been reported that the issue may also allow a remote attacker to trigger a buffer overflow vulnerability.

The issue reportedly presents itself, because certain values in HTTP POST headers processed by the ePolicy Orchestrator are not sufficiently sanitized.


Privacy Statement
Copyright 2010, SecurityFocus