Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
2 vulnerabilities found for True Key (TK) by McAfee, LLC
CVE-2019-3610 (GCVE-0-2019-3610)
Vulnerability from nvd – Published: 2019-02-13 17:00 – Updated: 2024-09-16 18:24
VLAI?
Title
True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability
Summary
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
Severity ?
5.6 (Medium)
CWE
- Data Leakage Attacks vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | True Key (TK) |
Affected:
3.1 , ≤ 3.1.9211.0
(custom)
|
Date Public ?
2019-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107217"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Chrome, Edge and Firefox"
],
"product": "True Key (TK)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThanOrEqual": "3.1.9211.0",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Data Leakage Attacks vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-05T10:57:02.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"name": "107217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107217"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2019-02-13T15:00:00.000Z",
"ID": "CVE-2019-3610",
"STATE": "PUBLIC",
"TITLE": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "True Key (TK)",
"version": {
"version_data": [
{
"affected": "\u003c=",
"platform": "Chrome, Edge and Firefox",
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.9211.0"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Data Leakage Attacks vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107217"
},
{
"name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889",
"refsource": "CONFIRM",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3610",
"datePublished": "2019-02-13T17:00:00.000Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:24:29.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3610 (GCVE-0-2019-3610)
Vulnerability from cvelistv5 – Published: 2019-02-13 17:00 – Updated: 2024-09-16 18:24
VLAI?
Title
True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability
Summary
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
Severity ?
5.6 (Medium)
CWE
- Data Leakage Attacks vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | True Key (TK) |
Affected:
3.1 , ≤ 3.1.9211.0
(custom)
|
Date Public ?
2019-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107217"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Chrome, Edge and Firefox"
],
"product": "True Key (TK)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThanOrEqual": "3.1.9211.0",
"status": "affected",
"version": "3.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Data Leakage Attacks vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-05T10:57:02.000Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"name": "107217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107217"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2019-02-13T15:00:00.000Z",
"ID": "CVE-2019-3610",
"STATE": "PUBLIC",
"TITLE": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "True Key (TK)",
"version": {
"version_data": [
{
"affected": "\u003c=",
"platform": "Chrome, Edge and Firefox",
"version_affected": "\u003c=",
"version_name": "3.1",
"version_value": "3.1.9211.0"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Data Leakage Attacks vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107217"
},
{
"name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889",
"refsource": "CONFIRM",
"url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3610",
"datePublished": "2019-02-13T17:00:00.000Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:24:29.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}