{"api_version":"1","generated_at":"2026-04-26T06:34:26+00:00","cve":"CVE-2009-5117","urls":{"html":"https://cve.report/CVE-2009-5117","api":"https://cve.report/api/cve/CVE-2009-5117.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-5117","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-5117"},"summary":{"title":"CVE-2009-5117","description":"The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2012-08-22 10:42:00","updated_at":"2017-08-29 01:29:00"},"problem_types":["CWE-200"],"metrics":[],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10011","name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10011","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Article Not Available; Try Logging In","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/78447","name":"mcafee-dlp-web-post-info-disc(78447)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-5117","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-5117","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"5117","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"host_data_loss_prevention","cpe6":"3.0.100.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"5117","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"host_data_loss_prevention","cpe6":"9.0.0.416","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"5117","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"host_data_loss_prevention","cpe6":"3.0.100.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"5117","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"host_data_loss_prevention","cpe6":"9.0.0.416","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2009-5117","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"mcafee-dlp-web-post-info-disc(78447)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/78447"},{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10011","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10011"}]}},"nvd":{"publishedDate":"2012-08-22 10:42:00","lastModifiedDate":"2017-08-29 01:29:00","problem_types":["CWE-200"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":1.9},"severity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:host_data_loss_prevention:3.0.100.6:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:host_data_loss_prevention:9.0.0.416:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"5117","Ordinal":"57339","Title":"CVE-2009-5117","CVE":"CVE-2009-5117","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"5117","Ordinal":"1","NoteData":"The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files.","Type":"Description","Title":null},{"CveYear":"2009","CveId":"5117","Ordinal":"2","NoteData":"2012-08-22","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"5117","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}