All the vulnerabilites related to Trend Micro, Inc. - Virus Baster
jvndb-2011-000028
Vulnerability from jvndb
Published
2011-05-17 17:17
Modified
2011-05-17 17:17
Summary
Virus Buster 2009 key input encryption function vulnerability
Details
Virus Buster 2009 contains a vulnerability within the key input encryption function.
The key input encryption function in Virus Buster 2009 contains a vulnerability where a portion of password that is entered in the web browser is not properly encrypted.
Nobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Trend Micro, Inc. | Virus Baster |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000028.html",
"dc:date": "2011-05-17T17:17+09:00",
"dcterms:issued": "2011-05-17T17:17+09:00",
"dcterms:modified": "2011-05-17T17:17+09:00",
"description": "Virus Buster 2009 contains a vulnerability within the key input encryption function.\r\n\r\nThe key input encryption function in Virus Buster 2009 contains a vulnerability where a portion of password that is entered in the web browser is not properly encrypted.\r\n\r\nNobuhiro Tsuji of NTT DATA SECURITY CORPORATION reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000028.html",
"sec:cpe": {
"#text": "cpe:/a:trendmicro:virus_baster",
"@product": "Virus Baster",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "2.1",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000028",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN99175647/index.html",
"@id": "JVN#99175647",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1327",
"@id": "CVE-2011-1327",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1327",
"@id": "CVE-2011-1327",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Virus Buster 2009 key input encryption function vulnerability"
}
jvndb-2007-000135
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
CCC Cleaner buffer overflow vulnerability
Details
CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.
This vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro's website.
CCC Cleaner is affected by this vulnerability only when the following file is contained in the "CCC Cleaner" folder.
Filenames: lpt$vpn.185
As of February 13, 2006, Trend Micro has announced that the vulnerability "the Anti-Rootkit Common Module (TmComm.sys)" disclosed on February 11, 2006 does not affect CCC Cleaner. For more information, refer to the vendor's website.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000135.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "CCC Cleaner, provided by Cyber Clean Center between January 25 and February 9, 2007, contains a buffer overflow vulnerability that occurs when it scans UPX-packed executables.\r\n\r\nThis vulnerability is caused by a buffer overflow vulnerability in the scan processing of UPX compressed executables found in TrendMicro Antivirus. For details of this vulnerability, please refer to TrendMicro\u0027s website.\r\n\r\nCCC Cleaner is affected by this vulnerability only when the following file is contained in the \"CCC Cleaner\" folder.\r\n\r\nFilenames: lpt$vpn.185\r\n\r\nAs of February 13, 2006, Trend Micro has announced that the vulnerability \"the Anti-Rootkit Common Module (TmComm.sys)\" disclosed on February 11, 2006 does not affect CCC Cleaner. For more information, refer to the vendor\u0027s website.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000135.html",
"sec:cpe": [
{
"#text": "cpe:/a:misc:ccc_cleaner",
"@product": "CCC Cleaner",
"@vendor": "Cyber Clean Center",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:anti-spyware_for_consumer",
"@product": "Trend Micro Anti-Spyware for Consumer",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:anti-spyware_for_enterprise",
"@product": "Trend Micro Anti-Spyware for Enterprise",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:anti-spyware_for_smb",
"@product": "Trend Micro Anti-Spyware for SMB",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:antivirus",
"@product": "Trend Micro Antivirus",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:business_security",
"@product": "Worry-Free Business Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:client_server_messaging_security_for_smb",
"@product": "Client / Server / Messaging Security for SMB",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:damage_cleanup_services",
"@product": "Damage Cleanup Services",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:pc_cillin_internet_security",
"@product": "Trend Micro PC Cillin Internet Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:rootkit_provision_module_tmcomm.sys",
"@product": "Rootkit Provision Module (TmComm.sys)",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:virus_baster",
"@product": "Virus Baster",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.4",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000135",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN77366274/index.html",
"@id": "JVN#77366274",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0856",
"@id": "CVE-2007-0856",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0856",
"@id": "CVE-2007-0856",
"@source": "NVD"
},
{
"#text": "http://www.kb.cert.org/vuls/id/282240",
"@id": "VU#282240",
"@source": "CERT-VN"
},
{
"#text": "http://www.kb.cert.org/vuls/id/666800",
"@id": "VU#666800",
"@source": "CERT-VN"
},
{
"#text": "http://secunia.com/advisories/24069/",
"@id": "SA24069",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/22448",
"@id": "22448",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/32353",
"@id": "32353",
"@source": "XF"
},
{
"#text": "http://www.securitytracker.com/id?1017604",
"@id": "1017604",
"@source": "SECTRACK"
},
{
"#text": "http://www.securitytracker.com/id?1017605",
"@id": "1017605",
"@source": "SECTRACK"
},
{
"#text": "http://www.securitytracker.com/id?1017606",
"@id": "1017606",
"@source": "SECTRACK"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/0521",
"@id": "FrSIRT/ADV-2007-0521",
"@source": "FRSIRT"
}
],
"title": "CCC Cleaner buffer overflow vulnerability"
}