McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String Vulnerability

ID SSV:84729
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


McAfee Framework is prone to a remote format-string vulnerability.

Exploiting this issue will allow attackers to execute arbitrary code with the permissions of the framework or of an application that uses the framework. Failed attacks will likely cause denial-of-service conditions.
McAfee Common Managemetn Agent (Patch3) or earlier, McAfee Agent (MA) 4.0, Framework and ePolicy Orchestrator 4.0 are vulnerable to this issue; other versions may also be affected.

NOTE: This issue occurs only when the default debug level (7) is raised to 8.