CVE-2006-5273

3 documents3 sources

Severity

7.6HIGH

EPSS

9.2%

top 7.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Common Management Agent Mcafee E-business Server Mcafee Protectionpilot

Timeline

PublishedJul 12

Latest updateMay 1

Description

Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages3 packages

▶NVDmcafee/common_management_agent3.6.0.453+1

▶NVDmcafee/protectionpilot1.1.1, 1.5.0+1

▶NVDmcafee/e-business_server3.5, 3.6.1+1

Patches

Patch: knowledge.mcafee.com ↗Patch: knowledge.mcafee.com ↗

🔴Vulnerability Details

GHSA

GHSA-cmcq-56r6-cxh7: Heap-based buffer overflow in McAfee ePolicy Orchestrator 3↗2022-05-01

▶

CVEList

CVE-2006-5273: Heap-based buffer overflow in McAfee ePolicy Orchestrator 3↗2007-07-12

▶