{"api_version":"1","generated_at":"2026-04-22T22:38:11+00:00","cve":"CVE-2019-3634","urls":{"html":"https://cve.report/CVE-2019-3634","api":"https://cve.report/api/cve/CVE-2019-3634.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-3634","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-3634"},"summary":{"title":"CVE-2019-3634","description":"Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to \"blue screen\" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.","state":"PUBLIC","assigner":"psirt@mcafee.com","published_at":"2019-08-21 16:15:00","updated_at":"2023-11-07 03:10:00"},"problem_types":["CWE-119","CWE-125"],"metrics":[],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10295","name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10295","refsource":"","tags":[],"title":"McAfee Security Bulletin - Data Loss Prevention Endpoint for Windows update fixes two vulnerabilities (CVE-2019-3633 and CVE-2019-3634)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-3634","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3634","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"3634","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"data_loss_prevention_endpoint","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3634","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"data_loss_prevention_endpoint","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3634","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3634","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@mcafee.com","ID":"CVE-2019-3634","STATE":"PUBLIC","TITLE":"Buffer overflow in DLP Endpoint for Windows"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Data Loss Prevention (DLPe) for Windows","version":{"version_data":[{"version_affected":"<","version_name":"11.x","version_value":"11.3.2.8"}]}}]},"vendor_name":"McAfee, LLC"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to \"blue screen\" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory."}]},"generator":{"engine":"Vulnogram 0.0.7"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":4.4,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Buffer Overflow"}]}]},"references":{"reference_data":[{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10295","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10295"}]},"source":{"discovery":"EXTERNAL"}},"nvd":{"publishedDate":"2019-08-21 16:15:00","lastModifiedDate":"2023-11-07 03:10:00","problem_types":["CWE-119","CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":4.9},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*","versionStartIncluding":"11.3.0","versionEndExcluding":"11.3.2.82","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"3634","Ordinal":"141242","Title":"CVE-2019-3634","CVE":"CVE-2019-3634","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"3634","Ordinal":"1","NoteData":"Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to \"blue screen\" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"3634","Ordinal":"2","NoteData":"2019-08-21","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"3634","Ordinal":"3","NoteData":"2019-08-21","Type":"Other","Title":"Modified"}]}}}