Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for True Key (TK) by McAfee, LLC

    CVE-2019-3610 (GCVE-0-2019-3610)

    Vulnerability from nvd – Published: 2019-02-13 17:00 – Updated: 2024-09-16 18:24
    VLAI
    Title
    True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability
    Summary
    Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
    CWE
    • Data Leakage Attacks vulnerability
    Assigner
    References
    Impacted products
    Vendor Product Version
    McAfee, LLC True Key (TK) Affected: 3.1 , ≤ 3.1.9211.0 (custom)
    Create a notification for this product.
    Date Public
    2019-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.593Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "107217",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107217"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Chrome, Edge and Firefox"
              ],
              "product": "True Key (TK)",
              "vendor": "McAfee, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "3.1.9211.0",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Data Leakage Attacks vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-05T10:57:02.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "name": "107217",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107217"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@mcafee.com",
              "DATE_PUBLIC": "2019-02-13T15:00:00.000Z",
              "ID": "CVE-2019-3610",
              "STATE": "PUBLIC",
              "TITLE": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "True Key (TK)",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "platform": "Chrome, Edge and Firefox",
                                "version_affected": "\u003c=",
                                "version_name": "3.1",
                                "version_value": "3.1.9211.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "McAfee, LLC"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Data Leakage Attacks vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "107217",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107217"
                },
                {
                  "name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889",
                  "refsource": "CONFIRM",
                  "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2019-3610",
        "datePublished": "2019-02-13T17:00:00.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:24:29.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3610 (GCVE-0-2019-3610)

    Vulnerability from cvelistv5 – Published: 2019-02-13 17:00 – Updated: 2024-09-16 18:24
    VLAI
    Title
    True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability
    Summary
    Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
    CWE
    • Data Leakage Attacks vulnerability
    Assigner
    References
    Impacted products
    Vendor Product Version
    McAfee, LLC True Key (TK) Affected: 3.1 , ≤ 3.1.9211.0 (custom)
    Create a notification for this product.
    Date Public
    2019-02-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:12:09.593Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "107217",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107217"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "Chrome, Edge and Firefox"
              ],
              "product": "True Key (TK)",
              "vendor": "McAfee, LLC",
              "versions": [
                {
                  "lessThanOrEqual": "3.1.9211.0",
                  "status": "affected",
                  "version": "3.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-02-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Data Leakage Attacks vulnerability",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-03-05T10:57:02.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "name": "107217",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107217"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@mcafee.com",
              "DATE_PUBLIC": "2019-02-13T15:00:00.000Z",
              "ID": "CVE-2019-3610",
              "STATE": "PUBLIC",
              "TITLE": "True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "True Key (TK)",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c=",
                                "platform": "Chrome, Edge and Firefox",
                                "version_affected": "\u003c=",
                                "version_name": "3.1",
                                "version_value": "3.1.9211.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "McAfee, LLC"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Data Leakage Attacks vulnerability"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "107217",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107217"
                },
                {
                  "name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889",
                  "refsource": "CONFIRM",
                  "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2019-3610",
        "datePublished": "2019-02-13T17:00:00.000Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:24:29.562Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }