Privilege Escalation Vulnerability in McAfee Data Loss Prevention Endpoint
CVE-2015-1305

Currently unrated

Key Information:

Vendor: Mcafee
Status: Data Loss Prevention Endpoint
Vendor: CVE Published:; 6 February 2015

Summary

A vulnerability exists in McAfee Data Loss Prevention Endpoint versions prior to 9.3.400 that allows local users to exploit arbitrary memory writes. By crafting specific IOCTL calls (0x00224014 or 0x0022c018), a malicious user can gain elevated privileges on the system. This flaw poses a significant risk by enabling unauthorized control over affected systems, potentially leading to data loss or compromise.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100602

vdb-entryx_refsource_XF

http://www.greyhathacker.net/?p=818

x_refsource_MISC

http://www.osvdb.org/show/osvdb/117345

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Feb 6, 2015
Vulnerability Reserved
Jan 22, 2015