Vulnerabilities > Mcafee > Epolicy Orchestrator
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-02-17 | CVE-2004-0095 | Buffer Mismanagement vulnerability in Mcafee Epolicy Orchestrator 3.6.0 McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow. | 5.0 |
| 2003-08-27 | CVE-2003-0616 | Unspecified vulnerability in Mcafee Epolicy Orchestrator 2.0/2.5/2.5.1 Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. | 7.5 |
| 2003-08-27 | CVE-2003-0610 | Unspecified vulnerability in Mcafee Epolicy Orchestrator 3.0 Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | 5.0 |
| 2003-08-27 | CVE-2003-0149 | Unspecified vulnerability in Mcafee Epolicy Orchestrator 2.0/2.5/2.5.1 Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | 7.5 |
| 2003-08-27 | CVE-2003-0148 | Unspecified vulnerability in Mcafee Epolicy Orchestrator The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell. | 7.2 |
| 2003-04-11 | CVE-2002-0690 | Unspecified vulnerability in Mcafee Epolicy Orchestrator 2.5.1 Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings. | 10.0 |