» 2017 » 10월

CVE-2017-3935

Posted on 2017년 10월 31일2017년 11월 1일 by admin

CVE-2017-3935

Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type.

Source: CVE-2017-3935

CVE-2017-3934

Posted on 2017년 10월 31일2017년 11월 1일 by admin

CVE-2017-3934

Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver.

Source: CVE-2017-3934

CVE-2017-15950

Posted on 2017년 10월 31일2017년 11월 1일 by admin

CVE-2017-15950

Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.

Source: CVE-2017-15950

CVE-2017-3933

Posted on 2017년 10월 31일2017년 11월 1일 by admin

CVE-2017-3933

Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.

Source: CVE-2017-3933