CVE-2008-1357 in CMAinfo

Summary

Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

03/17/2008

Disclosure

03/17/2008

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-134

Exploit

Download

CVSS

8.1

EPSS

0.27884

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-1357
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1357
CVE Details	https://www.cvedetails.com/cve/CVE-2008-1357/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!