Search criteria
5 vulnerabilities found for Trend Micro Internet Security by Trend Micro, Inc.
JVNDB-2025-007390
Vulnerability from jvndb - Published: 2025-06-24 11:18 - Updated:2025-06-24 11:18Summary
Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)
Details
Trend Micro Incorporated has released security updates for Trend Micro Internet Security and Trend Micro Maximum Security that contains a fix for a link following local privilege escalation vulnerability (CVE-2025-49384, CVE-2025-49385).
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-007390.html",
"dc:date": "2025-06-24T11:18+09:00",
"dcterms:issued": "2025-06-24T11:18+09:00",
"dcterms:modified": "2025-06-24T11:18+09:00",
"description": "Trend Micro Incorporated has released security updates for Trend Micro Internet Security and Trend Micro Maximum Security that contains a fix for a link following local privilege escalation vulnerability (CVE-2025-49384, CVE-2025-49385).\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-007390.html",
"sec:cpe": [
{
"#text": "cpe:/a:trendmicro:maximum_security",
"@product": "Trend Micro Maximum Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
}
],
"sec:identifier": "JVNDB-2025-007390",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU99381846/index.html",
"@id": "JVNVU#99381846",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-49384",
"@id": "CVE-2025-49384",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-49385",
"@id": "CVE-2025-49385",
"@source": "CVE"
}
],
"title": "Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)"
}
JVNDB-2021-005174
Vulnerability from jvndb - Published: 2021-12-09 13:43 - Updated:2021-12-09 13:43Summary
Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)
Details
Trend Micro Incorporated has released security updates for Trend Micro Security 2021 family (Consumer).
Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-005174.html",
"dc:date": "2021-12-09T13:43+09:00",
"dcterms:issued": "2021-12-09T13:43+09:00",
"dcterms:modified": "2021-12-09T13:43+09:00",
"description": "Trend Micro Incorporated has released security updates for Trend Micro Security 2021 family (Consumer).\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-005174.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:identifier": "JVNDB-2021-005174",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU98117192/index.html",
"@id": "JVNVU#98117192",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32460",
"@id": "CVE-2021-32460",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43772",
"@id": "CVE-2021-43772",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32460",
"@id": "CVE-2021-32460",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-43772",
"@id": "CVE-2021-43772",
"@source": "NVD"
}
],
"title": "Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)"
}
JVNDB-2016-000166
Vulnerability from jvndb - Published: 2016-09-16 14:31 - Updated:2016-09-16 14:31
Severity ?
Summary
Trend Micro Internet Security vulnerability where files may be excluded as scan targets
Details
Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability where arbitrary files or folders may be excluded as scan targets when the conditions below are met.
* An attacker can place a specific file into the system
* The attacker can execute a specific API from the specific file
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.
References
| Type | URL | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000166.html",
"dc:date": "2016-09-16T14:31+09:00",
"dcterms:issued": "2016-09-16T14:31+09:00",
"dcterms:modified": "2016-09-16T14:31+09:00",
"description": "Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability where arbitrary files or folders may be excluded as scan targets when the conditions below are met.\r\n\r\n* An attacker can place a specific file into the system\r\n* The attacker can execute a specific API from the specific file\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000166.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000166",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN98126322/index.html",
"@id": "JVN#98126322",
"@source": "JVN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Trend Micro Internet Security vulnerability where files may be excluded as scan targets"
}
JVNDB-2016-000073
Vulnerability from jvndb - Published: 2016-06-02 16:18 - Updated:2016-06-22 18:12
Severity ?
Summary
Trend Micro Internet Security access restriction flaw
Details
Trend Micro Internet Security provided by Trend Micro Incorporated contains an access restriction flaw.
According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000073.html",
"dc:date": "2016-06-22T18:12+09:00",
"dcterms:issued": "2016-06-02T16:18+09:00",
"dcterms:modified": "2016-06-22T18:12+09:00",
"description": "Trend Micro Internet Security provided by Trend Micro Incorporated contains an access restriction flaw.\r\n\r\nAccording to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000073.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
{
"@score": "5.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000073",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN48789425/index.html",
"@id": "JVN#48789425",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1225",
"@id": "CVE-2016-1225",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1225",
"@id": "CVE-2016-1225",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "Trend Micro Internet Security access restriction flaw"
}
JVNDB-2016-000088
Vulnerability from jvndb - Published: 2016-06-02 16:18 - Updated:2016-06-22 18:08
Severity ?
Summary
Trend Micro Internet Security vulnerable to arbitrary script execution
Details
Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability that may allow arbitrary script execution.
According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.
Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000088.html",
"dc:date": "2016-06-22T18:08+09:00",
"dcterms:issued": "2016-06-02T16:18+09:00",
"dcterms:modified": "2016-06-22T18:08+09:00",
"description": "Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability that may allow arbitrary script execution.\r\n\r\nAccording to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used.\r\n\r\nTrend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000088.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster_cloud",
"@product": "Trend Micro Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "6.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000088",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN48789425/index.html",
"@id": "JVN#48789425",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1226",
"@id": "CVE-2016-1226",
"@source": "CVE"
},
{
"#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1226",
"@id": "CVE-2016-1226",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-20",
"@title": "Improper Input Validation(CWE-20)"
}
],
"title": "Trend Micro Internet Security vulnerable to arbitrary script execution"
}