All the vulnerabilites related to Trend Micro, Inc. - Trend Micro Internet Security
jvndb-2016-000166
Vulnerability from jvndb
Published
2016-09-16 14:31
Modified
2016-09-16 14:31
Severity ?
Summary
Trend Micro Internet Security vulnerability where files may be excluded as scan targets
Details
Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability where arbitrary files or folders may be excluded as scan targets when the conditions below are met.
* An attacker can place a specific file into the system
* The attacker can execute a specific API from the specific file
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/jp/JVN98126322/index.html | |
| No Mapping(CWE-Other) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Trend Micro, Inc. | Trend Micro Internet Security |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000166.html",
"dc:date": "2016-09-16T14:31+09:00",
"dcterms:issued": "2016-09-16T14:31+09:00",
"dcterms:modified": "2016-09-16T14:31+09:00",
"description": "Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability where arbitrary files or folders may be excluded as scan targets when the conditions below are met.\r\n\r\n* An attacker can place a specific file into the system\r\n* The attacker can execute a specific API from the specific file\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000166.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000166",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN98126322/index.html",
"@id": "JVN#98126322",
"@source": "JVN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Trend Micro Internet Security vulnerability where files may be excluded as scan targets"
}
jvndb-2016-000088
Vulnerability from jvndb
Published
2016-06-02 16:18
Modified
2016-06-22 18:08
Severity ?
Summary
Trend Micro Internet Security vulnerable to arbitrary script execution
Details
Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability that may allow arbitrary script execution.
According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/jp/JVN48789425/index.html | |
| CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1226 | |
| NVD | https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1226 | |
| Improper Input Validation(CWE-20) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Trend Micro, Inc. | Trend Micro Internet Security |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000088.html",
"dc:date": "2016-06-22T18:08+09:00",
"dcterms:issued": "2016-06-02T16:18+09:00",
"dcterms:modified": "2016-06-22T18:08+09:00",
"description": "Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability that may allow arbitrary script execution.\r\n\r\nAccording to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000088.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000088",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN48789425/index.html",
"@id": "JVN#48789425",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1226",
"@id": "CVE-2016-1226",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1226",
"@id": "CVE-2016-1226",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-20",
"@title": "Improper Input Validation(CWE-20)"
}
],
"title": "Trend Micro Internet Security vulnerable to arbitrary script execution"
}
jvndb-2016-000073
Vulnerability from jvndb
Published
2016-06-02 16:18
Modified
2016-06-22 18:12
Severity ?
Summary
Trend Micro Internet Security access restriction flaw
Details
Trend Micro Internet Security provided by Trend Micro Incorporated contains an access restriction flaw.
According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Trend Micro, Inc. | Trend Micro Internet Security |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000073.html",
"dc:date": "2016-06-22T18:12+09:00",
"dcterms:issued": "2016-06-02T16:18+09:00",
"dcterms:modified": "2016-06-22T18:12+09:00",
"description": "Trend Micro Internet Security provided by Trend Micro Incorporated contains an access restriction flaw.\r\n\r\nAccording to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000073.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
{
"@score": "5.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000073",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN48789425/index.html",
"@id": "JVN#48789425",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1225",
"@id": "CVE-2016-1225",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1225",
"@id": "CVE-2016-1225",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "Trend Micro Internet Security access restriction flaw"
}
jvndb-2021-005174
Vulnerability from jvndb
Published
2021-12-09 13:43
Modified
2021-12-09 13:43
Summary
Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)
Details
Trend Micro Incorporated has released security updates for Trend Micro Security 2021 family (Consumer).
Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Trend Micro, Inc. | Trend Micro Internet Security |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-005174.html",
"dc:date": "2021-12-09T13:43+09:00",
"dcterms:issued": "2021-12-09T13:43+09:00",
"dcterms:modified": "2021-12-09T13:43+09:00",
"description": "Trend Micro Incorporated has released security updates for Trend Micro Security 2021 family (Consumer).\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-005174.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:identifier": "JVNDB-2021-005174",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU98117192/index.html",
"@id": "JVNVU#98117192",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32460",
"@id": "CVE-2021-32460",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43772",
"@id": "CVE-2021-43772",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32460",
"@id": "CVE-2021-32460",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-43772",
"@id": "CVE-2021-43772",
"@source": "NVD"
}
],
"title": "Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)"
}