RSS   Vulnerabilities for 'Data loss prevention endpoint'   RSS

2016-04-08
 
CVE-2016-3984

 

 
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.

 
2015-03-27
 
CVE-2015-2760

 

 
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 
 
CVE-2015-2759

 

 
Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors.

 
 
CVE-2015-2758

 

 
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL.

 
 
CVE-2015-2757

 

 
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to cause a denial of service (database lock or license corruption) via unspecified vectors.

 
2015-02-17
 
CVE-2015-1618

CWE-200
 

 
The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to obtain sensitive password information via a crafted URL.

 
 
CVE-2015-1617

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

 
 
CVE-2015-1616

CWE-89
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-06
 
CVE-2015-1305

CWE-264
 

 
McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.

 

 >>> Vendor: Mcafee 100 Products
Virusscan
Remote desktop 32
Asap virusscan
Webshield smtp
Epolicy orchestrator
Entercept agent
Antivirus engine
Freescan
Security installer control system
Internet security suite
Intrushield security management system
Mcinsctl.dll
Virusscan security center
Common management agent
Virusscan enterprise
Virex
Epolicy orchestrator agent
Antispyware
Personal firewall plus
Privacy service
Quickclean
Security center
Spamkiller
Wireless home network security
Scan engine
Protectionpilot
E-business server
Network agent
Neotrace
Visual trace
Securitycenter agent
Agent
CMA
Mcafee framework
Encrypted usb manager
Safeboot device encryption
Active virus defense
Active virusscan
Email gateway
Securityshield for email servers
Securityshield for microsoft isa server
Securityshield for microsoft sharepoint
Total protection
Total protection for endpoint
Virusscan commandline
Virusscan plus
Virusscan usb
Groupshield
Smartfilter
Email and web security appliance
Intrushield network security manager
Secure mail
Unified threat management firewall firmware
Saas endpoint protection
Gateway
Web gateway
Linuxshield
Host data loss prevention
Firewall reporter
Email and web security
Enterprise mobility manager
Enterprise mobility manager agent
Application control
Change control
Mcafee virtual technician
Epo mcafee virtual technician
Total protection 2010
Vulnerability manager
Superscan
Cloud identity manager
Cloud single sign on
Asset manager
Network security manager
Network data loss prevention
Endpoint encryption for files and folders
Mcafee file and removable media protection
File and removable media protection
Data loss prevention endpoint
Mcafee agent
Advanced threat defense
Epo deep command
Threat intelligence exchange
Enterprise security manager
Enterprise security manager/log manager
Enterprise security manager/receiver
Mcafee enterprise security manager
File lock
Livesafe
Active response
Data exchange layer
Endpoint security
Host intrusion prevention
Smartfilter administration
Security information and event management
Security scan plus
Host intrusion prevention services
Cloud analysis and deconstructive services
Security webadvisor
Cloud av
Saas control console platform
See all Products for Vendor Mcafee


Copyright 2017, cxsecurity.com