CVE-2015-1305

CVE Database · CVE-2015-1305

CVE-2015-1305

· N/AModified

CVSS v3.1

N/A

EPSS

0.88%

Published

Feb 6, 2015

Modified

May 6, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMcAfee Data Loss Prevention Endpoint - Arbitrary Write Privilege Escalation TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.

Weaknesses (CWE)

CWE-264

Affected Products (2)

mcafee · data_loss_prevention_endpointvulnerable

microsoft · windows_xp

References (12)

http://packetstormsecurity.com/files/130177/McAfee-Data-Loss-Prevention-Endpoint-Privilege-Escalation.html

Exploit

http://www.exploit-db.com/exploits/35953

Exploit

http://www.greyhathacker.net/?p=818

Exploit

http://www.osvdb.org/show/osvdb/117345

https://exchange.xforce.ibmcloud.com/vulnerabilities/100602

https://kc.mcafee.com/corporate/index?page=content&id=SB10097

Vendor Advisory

http://packetstormsecurity.com/files/130177/McAfee-Data-Loss-Prevention-Endpoint-Privilege-Escalation.html

Exploit

http://www.exploit-db.com/exploits/35953

KEV Catalog EPSS Scores Vendors All CVEs