CVE-2019-3633

Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
trellixCNA
4.4 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
mcafeedata_loss_prevention_endpoint
11.3.0 ≤
𝑥
< 11.3.2.82
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kc.mcafee.com/corporate/index?page=content&id=SB10295
https://kc.mcafee.com/corporate/index?page=content&id=SB10295