New Search

Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x – CVE-2017-3948

oval:org.cisecurity:def:3271

Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows 8
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Vista
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 8.1
  • Microsoft Windows 10
  • Microsoft Windows Server 2016
Class:
vulnerability
Reference(s):
  • CVE-2017-3948
Product(s):
  • McAfee DLP Endpoint Agent