Summary:

Multiple Remote Buffer Overflow Vulnerabilities exist in McAfee ePolicy Orchestrator and McAfee ProtectionPilot which could allow an attacker who successfully exploited these vulnerabilities to take control of the affected system.

Risk:

• Medium

Affected Software:

• McAfee ePolicy Orchestrator 3.6.1 and earlier.
• McAfee ePolicy Orchestrator 3.6.0 Patch 5 and earlier.
• McAfee ePolicy Orchestrator 3.5.0 Patch 7 and earlier.
• McAfee ProtectionPilot 1.5.0.
• McAfee ProtectionPilot 1.1.1 Patch 3 and earlier.

Additional Information:

A remote attacker could construct a malicious web page on a controlled web site. When the user browses the web page from a machine with the affected products, maliciously formed data causes a buffer overflow leading to arbitrary command execution with the privileges of that user.

This vulnerability is due to improper sanitization of remotely supplied data.

Solution:

• McAfee ePolicy Orchestrator and McAfee ProtectionPilot users should apply the updates provided by McAfee.

Credits:

• The Fortinet Security Research Team

References:

• McAfee Security Bulletin : 612495 and 612496