CVE-2015-1305

Exploit

EPSS 0.51%
Veröffentlicht 06.02.2015 15:59:12
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mcafee ≫ Data Loss Prevention Endpoint Version <= 9.3.300

Microsoft ≫ Windows Xp

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.51%	0.655

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://www.greyhathacker.net/?p=818

Exploit

http://packetstormsecurity.com/files/130177/McAfee-Data-Loss-Prevention-Endpoint-Privilege-Escalation.html

Exploit

http://www.exploit-db.com/exploits/35953

Exploit

http://www.osvdb.org/show/osvdb/117345

https://exchange.xforce.ibmcloud.com/vulnerabilities/100602

https://kc.mcafee.com/corporate/index?page=content&id=SB10097

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-1305

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1305

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1305

EUVD