Page 2 of 11 results (0.005 seconds)
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3595 – DLP Endpoint ePO extension not sanitizing CSV exports
https://notcve.org/view.php?id=CVE-2019-3595
24 Jul 2019 — Improper Neutralization of Special Elements used in a Command ('Command Injection') in ePO extension in McAfee Data Loss Prevention (DLP) 11.x prior to 11.3.0 allows Authenticated Adminstrator to execute arbitrary code with their local machine privileges via a specially crafted DLP policy, which is exported and opened on the their machine. In our checks, the user must explicitly allow the code to execute. La neutralización inadecuada de elementos especiales utilizados en un comando ('Command Injection') en ... • http://www.securityfocus.com/bid/109377 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •