CVE-2008-1357 - CVE Reference - Advisories

CVE Reference: CVE-2008-1357

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1357

Description: Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/41178 ST 1019609 SREASON http://securityreason.com/securityalert/3748 SAID Secunia Advisory: SA29337 MISC http://aluigi.altervista.org/adv/meccaffi-adv.txt CONFIRM BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/489476/100/0/threaded BID 28228

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Mozilla Firefox Multiple Vulnerabilities

2.	VLC Media Player WAV Processing Integer Overflow

3.	Opera for Windows Unspecified Code Execution

4.	Mozilla Thunderbird Multiple Vulnerabilities

5.	zlib Denial of Service Vulnerability

6.	PCRE pcre_compile.c Buffer Overflow Vulnerability

7.	UnixWare ReliantHA Privilege Escalation Vulnerabilities

8.	Internet Explorer 7 Frame Location Handling Vulnerability

9.	Novell eDirectory ds.dlm Module Buffer Overflow

10.	Red Hat update for seamonkey