{"containers": {"cna": {"affected": [{"product": "Data Loss Prevention (DLPe) for Windows", "vendor": "McAfee, LLC", "versions": [{"lessThan": "11.3.2.8", "status": "affected", "version": "11.x", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to \"blue screen\" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Buffer Overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-21T15:17:15.000Z", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10295"}], "source": {"discovery": "EXTERNAL"}, "title": "Buffer overflow in DLP Endpoint for Windows", "x_generator": {"engine": "Vulnogram 0.0.7"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@mcafee.com", "ID": "CVE-2019-3634", "STATE": "PUBLIC", "TITLE": "Buffer overflow in DLP Endpoint for Windows"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Data Loss Prevention (DLPe) for Windows", "version": {"version_data": [{"version_affected": "<", "version_name": "11.x", "version_value": "11.3.2.8"}]}}]}, "vendor_name": "McAfee, LLC"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to \"blue screen\" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory."}]}, "generator": {"engine": "Vulnogram 0.0.7"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10295", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10295"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:12:09.699Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10295"}]}]}, "cveMetadata": {"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2019-3634", "datePublished": "2019-08-21T15:17:15.000Z", "dateReserved": "2019-01-03T00:00:00.000Z", "dateUpdated": "2024-08-04T19:12:09.699Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DD950B6-B87A-40F1-8C31-04E1ED32E5C9", "versionEndExcluding": "11.3.2.82", "versionStartIncluding": "11.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to \"blue screen\" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory."}, {"lang": "es", "value": "El desbordamiento del b\u00fafer en McAfee Data Loss Prevention (DLPe) para Windows 11.x anterior a 11.3.2.8 permite al usuario local hacer que el sistema operativo Windows aparezca en \"pantalla azul\" a trav\u00e9s de un mensaje cifrado enviado a DLPe que, cuando se descifra, DLPe lee la memoria no asignada ."}], "id": "CVE-2019-3634", "lastModified": "2024-11-21T04:42:16.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "trellixpsirt@trellix.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-21T16:15:10.037", "references": [{"source": "trellixpsirt@trellix.com", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10295"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10295"}], "sourceIdentifier": "trellixpsirt@trellix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}, {"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}