A buffer overflow vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a local malicious user to execute arbitrary code with elevated privileges through placing carefully constructed Ami Pro (.sam) files onto the local system and triggering a DLP Endpoint scan through accessing a file. This is caused by the destination buffer being of fixed size and incorrect checks being made on the source size.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee data_loss_prevention_endpoint |