Published: 16/04/2008 Updated: 29/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and previous versions, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote malicious users to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mcafee cma

#!/usr/bin/python # Mcafee EPO 40 (and others) FrameworkServiceexe DOS # More than meets the eye # Discovered and coded by Mati Aharoni # mutsatoffensive-securitycom # wwwoffensive-securitycom/0day/mcafee_againpytxt # EAX 00840C30 # ECX 00837830 # EDX 01EACF18 # EBX 00004000 # ESP 01EAFF04 # EBP 01EAFF38 # ESI 00837830 # EDI 643 ...

CWE-399 http://www.offensive-security.com/0day/mcafee_again.py.txt https://knowledge.mcafee.com/article/219/615324_f.SAL_Public.html http://www.securityfocus.com/bid/28573 http://secunia.com/advisories/29637 http://www.securitytracker.com/id?1019794 http://www.vupen.com/english/advisories/2008/1122/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41597 https://www.exploit-db.com/exploits/5343 https://nvd.nist.gov https://www.exploit-db.com/exploits/5343/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1855

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect