VYPR

Epolicy Orchestrator Agent

by McAfee

CVEs (4)

  • CVE-2004-0095Feb 17, 2004
    risk 0.06cvss epss 0.38

    McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.

  • CVE-2013-4883Jul 22, 2013
    risk 0.03cvss epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePO Extension for the McAfee Agent (MA) 4.5 through 4.6, allow remote attackers to inject arbitrary web script or HTML via the (1) instanceId parameter…

  • CVE-2013-4882Jul 22, 2013
    risk 0.03cvss epss 0.04

    Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and earlier, and the ePolicy Orchestrator (ePO) extension for McAfee Agent (MA) 4.5 and 4.6, allow remote authenticated users to execute arbitrary SQL commands via the uid parameter to (1)…

  • CVE-2006-3623Jul 18, 2006
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request.