Epolicy Orchestrator

epolicy_orchestrator

Vendor: Mcafee • 86 CVEs

CVEs (86)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0095 1Mcafee 1Epolicy Orchestrator Apr 16, 2026 Feb 17, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, pos...Show more McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.Show less
CVE-2003-0616 1Mcafee 1Epolicy Orchestrator Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which...Show more Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.Show less
CVE-2003-0610 1Mcafee 1Epolicy Orchestrator Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.
CVE-2003-0149 1Mcafee 1Epolicy Orchestrator Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.
CVE-2003-0148 1Mcafee 1Epolicy Orchestrator Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 7.2 HIGH· v2 The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password...Show more The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell.Show less
CVE-2002-0690 1Mcafee 1Epolicy Orchestrator Apr 16, 2026 Apr 11, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings.

Previous 1 2 3 45