CVE-2019-3633

Name of the Vulnerable Software and Affected Versions McAfee Data Loss Prevention (DLPe) for Windows versions 11.x prior to 11.3.2.8

Description The issue allows a local user to cause the Windows operating system to crash via a carefully constructed message sent to DLPe, which bypasses internal checks and results in DLPe reading unallocated memory. This is achieved by sending a message that exploits a buffer overflow in DLPe.

Recommendations For McAfee Data Loss Prevention (DLPe) for Windows versions 11.x prior to 11.3.2.8, update to version 11.3.2.8 or later to resolve the issue.