McAfee ePolicy Orchestrator ActiveX Exploit

This module exploits a vulnerability in the SiteManager ActiveX Control (sitemanager.dll). A validation error in the ExportSiteList() method allows an attacker to run arbitrary code on the target system. The module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When a client connects, it will try to install a Level0v2 agent by exploiting this vulnerability.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2007-1498
Released Date: 
Tuesday, April 10, 2007 - 19:00