Lucene search

TrellixCVELIST:CVE-2019-3633

HistoryAug 21, 2019 - 3:16 p.m.

CVE-2019-3633 Buffer overflow in DLP Endpoint for Windows

2019-08-2115:16:50

trellix

www.cve.org

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to “blue screen” via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory.

CNA Affected

[
  {
    "product": "Data Loss Prevention (DLPe) for Windows",
    "vendor": "McAfee, LLC",
    "versions": [
      {
        "lessThan": "11.3.2.8",
        "status": "affected",
        "version": "11.x",
        "versionType": "custom"
      }
    ]
  }
]

References

kc.mcafee.com/corporate/index?page=content&id=SB10295

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2019-3633