Vulnerabilities > Mcafee > Data Loss Prevention Endpoint > 9.3.200
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-02-17 | CVE-2015-1617 | Cross-site Scripting vulnerability in Mcafee Data Loss Prevention Endpoint Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2015-02-17 | CVE-2015-1616 | SQL Injection vulnerability in Mcafee Data Loss Prevention Endpoint SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2015-02-06 | CVE-2015-1305 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call. | 6.9 |