CVE-2006-5271

critical

Description

Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption.

References

https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/31162

http://www.vupen.com/english/advisories/2007/2498

http://www.securitytracker.com/id?1018363

http://www.securityfocus.com/bid/24863

http://www.osvdb.org/36098

http://www.iss.net/threats/269.html

http://secunia.com/advisories/26029

Details

Source: Mitre, NVD

Published: 2007-07-12

Updated: 2017-07-20

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical