CVSS: 7.5EPSS: 25%CPEs: 1EXPL: 3CVE-2008-1855 – Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-1855
16 Apr 2008 — FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274. FrameworkService.exe en McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 y anteriores, usado por ePolicy Orchestrator (e... • https://www.exploit-db.com/exploits/5343 • CWE-399: Resource Management Errors •
CVSS: 8.4EPSS: 30%CPEs: 9EXPL: 3CVE-2008-1357 – McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String
https://notcve.org/view.php?id=CVE-2008-1357
17 Mar 2008 — Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8. Vulnerabilidad en el formato de cadena en la función logDetail de applib.dlld en McAfee... • https://www.exploit-db.com/exploits/31399 • CWE-134: Use of Externally-Controlled Format String •