CVE-2021-23886 – Local Denial of Service in McAfee DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2021-23886
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory. Una vulnerabilidad de Denegación de Servicio en McAfee Data Loss Prevention (DLP) Endpoint para Windows anterior a versión 11.6.100, permite a un atacante local, poco privilegiado, causar un BSoD al suspender un proceso, modificar la memoria del proceso y reiniciarlo. Esto es desencadenado cuando el controlador hdlphook lee una memoria no válida • https://kc.mcafee.com/corporate/index?page=content&id=SB10354 https://kc.mcafee.com/corporate/index?page=content&id=SB10357 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2012-6277
https://notcve.org/view.php?id=CVE-2012-6277
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code." Múltiples vulnerabilidades no especificadas en Autonomy KeyView IDOL versiones anteriores a 10.16, como es usado en Symantec Mail Security para Microsoft Exchange versiones anteriores a 6.5.8, Symantec Mail Security para Domino versiones anteriores a 8.1.1, Symantec Messaging Gateway versiones anteriores a 10.0.1, Symantec Data Loss Prevention (DLP) versiones anteriores a 11.6.1, IBM Notes versiones 8.5.x, IBM Lotus Domino versiones 8.5.x anteriores a 8.5.3 FP4, y otros productos, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de un archivo diseñado, relacionado con "una serie de problemas subyacentes" en los que "algunos de estos casos demostraron corrupción de la memoria con una entrada controlada por el atacante y podrían ser explotados para ejecutar código arbitrario". • https://support.symantec.com/us/en/article.symsa1262.html https://tools.cisco.com/security/center/viewAlert.x?alertId=27482 https://vulmon.com/vulnerabilitydetails?qid=CVE-2012-6277 https://www.energy.gov/cio/articles/v-118-ibm-lotus-domino-multiple-vulnerabilities https://www.ibm.com/blogs/psirt/security-bulletin-security-vulnerabilities-addressed-in-ibm-notes-9-0-cve-2011-3026-cve-2012-6349-cve-2012-6277 https://www.kb.cert.org/vuls/id/849841 https://www.securityfocus.com/bid/56610 https •
CVE-2019-3634 – Buffer overflow in DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2019-3634
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory. El desbordamiento del búfer en McAfee Data Loss Prevention (DLPe) para Windows 11.x anterior a 11.3.2.8 permite al usuario local hacer que el sistema operativo Windows aparezca en "pantalla azul" a través de un mensaje cifrado enviado a DLPe que, cuando se descifra, DLPe lee la memoria no asignada . • https://kc.mcafee.com/corporate/index?page=content&id=SB10295 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2019-3633 – Buffer overflow in DLP Endpoint for Windows
https://notcve.org/view.php?id=CVE-2019-3633
Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory. El desbordamiento del búfer en McAfee Data Loss Prevention (DLPe) para Windows 11.x anterior a 11.3.2.8 permite al usuario local hacer que el sistema operativo Windows aparezca en "pantalla azul" a través de un mensaje cuidadosamente elaborado enviado a DLPe que omite las comprobaciones internas de DLPe y genera DLPe leyendo memoria no asignada. • https://kc.mcafee.com/corporate/index?page=content&id=SB10295 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2019-3621 – DLP Endpoint Windows lock screen bypass with physical access
https://notcve.org/view.php?id=CVE-2019-3621
Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine. La vulnerabilidad de omisión de la protección de autenticación en McAfee Data Loss Prevention (DLPe) para Windows versión 11.x versiones anteriores a la 11.3.0 permite al usuario físico local eludir la pantalla de bloqueo de Windows mediante procesos DLPe eliminados justo antes de que la pantalla se bloquee o cuando la pantalla está bloqueada. El atacante requiere acceso físico a la máquina. • http://www.securityfocus.com/bid/109370 https://kc.mcafee.com/corporate/index?page=content&id=SB10290 •